Advisory Software Engineer
CurrentSecurity Architect and PSIRT Brand Manger for a variety of products which are in various world wide geographies.As Security Architect my responsibilities are to help the product teams follow IBM security policies and Security Design Lifecycle(SDL) as well as reviewing, commenting and approving product security assessments. These assessments contain evidence that products have followed IBM security procedures and policies such as:- dynamic scans- source scans- threat model- penetration test results- product security compliance- product development compliance.Federal security compliance under Federal Information Security Act(FISMA) has become a priority which I have investigated and presented the findings to our product teams.As the PSIRT Brand Manager, I guide, advise and manage the product teams on compliance with IBM PSIRT process. Responsibility include:- Internal and external security vulnerability tracking via IBM PSIRT policy which is driven by vulnerability severity(CVSS)- Managing product responses and actions to maintain compliance with IBM PSIRT procedures including working with product and legal teams- Reviewing and approving document flashes to Customers describing the security fixes and how to obtain them.- Managing the product team's security analysis, response, and fixes such that security milestones, set by legal and company PSIRT standards, are not exceeded- Created and presented a presentation to our product teams on IBM's PSIRT policy, Security Design Lifecycle(SDL), and how to quickly get started with our PSIRT tooling.Continue to work on the IBM Developer for System z(IDz) product, with multiple responsibilities including, SVT(System Verification Test) and Host System Administrator. These are documented in the January 2017 to March 2022 time frame.