Security & Compliance Engineer
IBM
•
Research Park, CA
0
0
0
0
Entry level
Posted April 2, 2026
2 variants
Job link
Thinking about this job
Responsibilities
Responsibilities
- Compliance Engineer to support our FedRAMP Continuous Monitoring
- (ConMon) and compliance activities.
- tracking, security documentation, monthly reporting, and compliance
- operations aligned with NIST 800-53 and FedRAMP requirements.
- POA&M Data Collection: Assist with gathering and organizing monthly
- Plan of Action & Milestones (POA&M) data used to track cybersecurity
- findings.
- Team Coordination: Support communication between security,
- engineering, and operations teams to ensure updates and remediation
- activities progress on schedule.
- Vulnerability Review Support: Help analyze vulnerability scan results,
- categorize findings, and route remediation tasks to the correct
- technical teams.
- Compliance Support: Learn and apply NIST 800-53 security control
- concepts to ensure IBM systems meet federal compliance
- FedRAMP ConMon Assistance: Support the execution of FedRAMP
- Continuous Monitoring tasks, including metric gathering and KPI
- preparation.
- Tracking & Reporting: Maintain accurate vulnerability records and
- help prepare monthly compliance and risk reports for leadership.
- Process Improvement: Assist in documenting procedures, refining
- workflows, and contributing to best practices for ConMon operations.
- and reporting packages under the guidance of senior team members.
Not Met Priorities
What still needs stronger evidence
Requirements
- FedRAMP ConMon Assistance: Support the execution of FedRAMP
- Continuous Monitoring tasks, including metric gathering and KPI
- preparation.
- Tracking & Reporting: Maintain accurate vulnerability records and
- help prepare monthly compliance and risk reports for leadership.
- Process Improvement: Assist in documenting procedures, refining
- workflows, and contributing to best practices for ConMon operations.
- FedRAMP Reporting: Help compile FedRAMP-required documentation
- and reporting packages under the guidance of senior team members.
- 1–2 years of experience or internships in cybersecurity, IT security,
- compliance, or related fields (academic or project-based experience
- Basic understanding of security frameworks such as NIST 800-53, ISO
- 27001, or similar standards (coursework acceptable).
- Familiarity with vulnerability scanning concepts or tools (e.g.,
- Strong written and verbal communication skills.
- Detail-oriented with solid analytical and organizational abilities.
- Exposure to Agile practices or ticketing systems (e.g., Jira, ServiceNow)
- Interest in automation or scripting for reporting tasks (optional but
- Cybersecurity, Engineering, or a related field.
- Equivalent experience, certifications (e.g., Security+, CCNA), or
Preferred Skills
- compliance, or related fields (academic or project-based experience
- Tenable, Qualys) is a plus.
- Exposure to Agile practices or ticketing systems (e.g., Jira, ServiceNow)
- is beneficial.
- Interest in automation or scripting for reporting tasks (optional but
- welcomed).
- Preferred Technical And Professional Experience
- Cybersecurity, Engineering, or a related field.
- Equivalent experience, certifications (e.g., Security+, CCNA), or
- academic project work may be considered in lieu of degree
Education
- (Not required) – Preferred Education
- (Not required) – Bachelor's Degree
- (Not required) – 1–2 years of experience or internships in cybersecurity, IT security,
- (Not required) – compliance, or related fields (academic or project-based experience
- (Not required) – accepted).
- (Not required) – 27001, or similar standards (coursework acceptable).
- (Not required) – Bachelor’s degree in computer science, Information Technology,
- (Not required) – Cybersecurity, Engineering, or a related field.
- (Not required) – Equivalent experience, certifications (e.g., Security+, CCNA), or
- (Not required) – academic project work may be considered in lieu of degree
Introduction
A career in IBM Software means you’ll be part of a team that transforms our customer’s challenges into solutions.
Seeking new possibilities and always staying curious, we are a team dedicated to creating the world’s leading AI-powered, cloud-native software solutions for our customers. Our renowned legacy creates endless global opportunities for our IBMers, so the door is always pen for those who want to grow their career.
IBM’s product and technology landscape includes Research, Software, and Infrastructure. Entering this domain positions you at the heart of IBM, where growth and innovation thrive.
Your Role And Responsibilities
IBM is seeking a motivated and detail-oriented Entry-Level Security &
Compliance Engineer to support our FedRAMP Continuous Monitoring
(ConMon) and compliance activities. This role is ideal for early-career
professionals interested in cybersecurity, government compliance
frameworks, and cloud security. The engineer will assist with vulnerability
tracking, security documentation, monthly reporting, and compliance
operations aligned with NIST 800-53 and FedRAMP requirements.
Key Responsibilities
POA&M Data Collection: Assist with gathering and organizing monthly
Plan of Action & Milestones (POA&M) data used to track cybersecurity
findings.
Team Coordination: Support communication between security,
engineering, and operations teams to ensure updates and remediation
activities progress on schedule.
Vulnerability Review Support: Help analyze vulnerability scan results,
categorize findings, and route remediation tasks to the correct
technical teams.
Compliance Support: Learn and apply NIST 800-53 security control
concepts to ensure IBM systems meet federal compliance
requirements.
FedRAMP ConMon Assistance: Support the execution of FedRAMP
Continuous Monitoring tasks, including metric gathering and KPI
preparation.
Tracking & Reporting: Maintain accurate vulnerability records and
help prepare monthly compliance and risk reports for leadership.
Process Improvement: Assist in documenting procedures, refining
workflows, and contributing to best practices for ConMon operations.
FedRAMP Reporting: Help compile FedRAMP-required documentation
and reporting packages under the guidance of senior team members.
Preferred Education
Bachelor's Degree
Required Technical And Professional Expertise
1–2 years of experience or internships in cybersecurity, IT security,
compliance, or related fields (academic or project-based experience
accepted).
Basic understanding of security frameworks such as NIST 800-53, ISO
27001, or similar standards (coursework acceptable).
Familiarity with vulnerability scanning concepts or tools (e.g.,
Tenable, Qualys) is a plus.
Strong written and verbal communication skills.
Detail-oriented with solid analytical and organizational abilities.
Exposure to Agile practices or ticketing systems (e.g., Jira, ServiceNow)
is beneficial.
Interest in automation or scripting for reporting tasks (optional but
welcomed).
Preferred Technical And Professional Experience
Bachelor’s degree in computer science, Information Technology,
Cybersecurity, Engineering, or a related field.
Equivalent experience, certifications (e.g., Security+, CCNA), or
academic project work may be considered in lieu of degree
requirements, or
A career in IBM Software means you’ll be part of a team that transforms our customer’s challenges into solutions.
Seeking new possibilities and always staying curious, we are a team dedicated to creating the world’s leading AI-powered, cloud-native software solutions for our customers. Our renowned legacy creates endless global opportunities for our IBMers, so the door is always pen for those who want to grow their career.
IBM’s product and technology landscape includes Research, Software, and Infrastructure. Entering this domain positions you at the heart of IBM, where growth and innovation thrive.
Your Role And Responsibilities
IBM is seeking a motivated and detail-oriented Entry-Level Security &
Compliance Engineer to support our FedRAMP Continuous Monitoring
(ConMon) and compliance activities. This role is ideal for early-career
professionals interested in cybersecurity, government compliance
frameworks, and cloud security. The engineer will assist with vulnerability
tracking, security documentation, monthly reporting, and compliance
operations aligned with NIST 800-53 and FedRAMP requirements.
Key Responsibilities
POA&M Data Collection: Assist with gathering and organizing monthly
Plan of Action & Milestones (POA&M) data used to track cybersecurity
findings.
Team Coordination: Support communication between security,
engineering, and operations teams to ensure updates and remediation
activities progress on schedule.
Vulnerability Review Support: Help analyze vulnerability scan results,
categorize findings, and route remediation tasks to the correct
technical teams.
Compliance Support: Learn and apply NIST 800-53 security control
concepts to ensure IBM systems meet federal compliance
requirements.
FedRAMP ConMon Assistance: Support the execution of FedRAMP
Continuous Monitoring tasks, including metric gathering and KPI
preparation.
Tracking & Reporting: Maintain accurate vulnerability records and
help prepare monthly compliance and risk reports for leadership.
Process Improvement: Assist in documenting procedures, refining
workflows, and contributing to best practices for ConMon operations.
FedRAMP Reporting: Help compile FedRAMP-required documentation
and reporting packages under the guidance of senior team members.
Preferred Education
Bachelor's Degree
Required Technical And Professional Expertise
1–2 years of experience or internships in cybersecurity, IT security,
compliance, or related fields (academic or project-based experience
accepted).
Basic understanding of security frameworks such as NIST 800-53, ISO
27001, or similar standards (coursework acceptable).
Familiarity with vulnerability scanning concepts or tools (e.g.,
Tenable, Qualys) is a plus.
Strong written and verbal communication skills.
Detail-oriented with solid analytical and organizational abilities.
Exposure to Agile practices or ticketing systems (e.g., Jira, ServiceNow)
is beneficial.
Interest in automation or scripting for reporting tasks (optional but
welcomed).
Preferred Technical And Professional Experience
Bachelor’s degree in computer science, Information Technology,
Cybersecurity, Engineering, or a related field.
Equivalent experience, certifications (e.g., Security+, CCNA), or
academic project work may be considered in lieu of degree
requirements, or