What are the responsibilities and job description for the Global Security - Penetration Testing Consultant - X-Force Red position at IBM?
Introduction
A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You’ll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you’ll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You’ll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences.
Your Role And Responsibilities
Passionate about breaking into applications, networks, systems, databases, devices and other technologies to uncover security vulnerabilities and help fix them? Are you interested in joining a team of like-minded passionate experts, many of whom have decades of experience breaking into anything and everything to help organizations strengthen their security? If so, X-Force Red, IBM Security’s team of veteran hackers, is looking for a Senior Pentest Consultant, and you may be the perfect fit.
The Senior Pentest Consultant will be part of the X-Force Red Offensive Security team. The consultant’s primary duty is to perform penetration tests against clients’ applications, networks, people and more.
Secondary duties include assisting in the sales process with potential or existing clients, and acting as a client’s primary technical contact for projects delivered by other consultants. X-Force Red consultants provide subject matter expertise in the form of research, tooling, and consulting engagements.
You should have in-depth of knowledge and experience in testing modern enterprise applications across a variety of frameworks and platforms. Identifying vulnerabilities in these applications and exploiting them to gain access to sensitive data or systems.
The consultant must be able to rapidly learn new technologies and processes with minimal assistance. While this is a remote position, there is a potential for 25% travel, including international travel. Travel depends on project requirements.
Current active clearance level or ability to obtain one is beneficial.
This Job can be perfomed from anywhere in the US
Required Technical And Professional Expertise
Technical / Professional Experience:
A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You’ll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you’ll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You’ll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences.
Your Role And Responsibilities
Passionate about breaking into applications, networks, systems, databases, devices and other technologies to uncover security vulnerabilities and help fix them? Are you interested in joining a team of like-minded passionate experts, many of whom have decades of experience breaking into anything and everything to help organizations strengthen their security? If so, X-Force Red, IBM Security’s team of veteran hackers, is looking for a Senior Pentest Consultant, and you may be the perfect fit.
The Senior Pentest Consultant will be part of the X-Force Red Offensive Security team. The consultant’s primary duty is to perform penetration tests against clients’ applications, networks, people and more.
Secondary duties include assisting in the sales process with potential or existing clients, and acting as a client’s primary technical contact for projects delivered by other consultants. X-Force Red consultants provide subject matter expertise in the form of research, tooling, and consulting engagements.
You should have in-depth of knowledge and experience in testing modern enterprise applications across a variety of frameworks and platforms. Identifying vulnerabilities in these applications and exploiting them to gain access to sensitive data or systems.
The consultant must be able to rapidly learn new technologies and processes with minimal assistance. While this is a remote position, there is a potential for 25% travel, including international travel. Travel depends on project requirements.
Current active clearance level or ability to obtain one is beneficial.
This Job can be perfomed from anywhere in the US
Required Technical And Professional Expertise
Technical / Professional Experience:
- 3 years of penetration testing experience
- 3 years of consulting experience
- Ability and experience performing penetration tests against web applications, internal networks, wireless networks, mobile applications, thick-client applications, embedded applications, or hardware etc.
- Programming experience in one or more of the following: Java, .Net, Python, or Ruby
- Strong understanding of networks, firewalls, protocols, routing, and security technologies
- History of presenting at regional or major security conferences
- History of published research, blog posts, or other publications
- Experience coordinating security testing projects with multiple consultants.
- Effective communication and presentation skills
- The ability to lead large groups and be a primary facilitator
- Demonstrated written skills
- Drive to do research, publications, blogs, presentations, etc.
- Comfortable working in a project based / client serving model
- Ability to lead and shape client expectations
- Help drive pursuits and engage in complex deals, matching outcomes to expectations
- Ability to work easily with diverse and dynamic teams
- Ability to self-start, and work independently on projects
- Experience performing security testing of Generative AI (GenAI) applications and adversarial testing of large language models (LLMs)
- Experience with testing SaaS platforms and applications - SAP, Salesforce, Oracle
- Burp Suite Certified Practitioner, OSCP, or other technical certifications
- Experience in reverse engineering software or hardware