OpenJDK Security Developer

A career in IBM Software means you’ll be part of a team that transforms our customer’s challenges into solutions.

Seeking new possibilities and always staying curious, we are a team dedicated to creating the world’s leading AI-powered, cloud-native software solutions for our customers. Our renowned legacy creates endless global opportunities for our IBMers, so the door is always open for those who want to grow their career.

We are seeking a JVM developer to join our IBM OpenJDK Security team. As part of our team, you will be responsible for developing and maintaining high-quality OpenJDK releases, working with a variety of technologies and programming languages, ensuring correctness and verifying security patches, collaborating directly with the Vulnerability Group to ensure the safety of the Java platform for both upstream and downstream distributions.

IBM’s product and technology landscape includes Research, Software, and Infrastructure. Entering this domain positions you at the heart of IBM, where growth and innovation thrive.

As a key member in our dynamic team, you will be working directly with the upstream communities of OpenJDK on bug fixes and perform backports from later versions of OpenJDK to help maintain our list of supported versions of OpenJDK for our customers, as well as helping maintain the upstream codebase. You will work on security contributions for OpenJDK, spanning a number of topics such as security providers, post quantum cryptography, integrations with FIPS platforms and general day to day security analysis, debugging and patching.

You will work closely with the JVM team and the core libraries teams, participate in upstream and downstream development with an upstream first approach.

• Software Development Expertise: Strong background in software development, demonstrating expertise in programming languages, in particular Java and C++.

• Self-Starter Mindest: A self-starter with a proactive mindset, able to initiate and drive projects independently, analyse and find problems and solve them with minimal guidance and supervision.

• Excellent Problem-Solving Skills: Demonstrated excellence in problem-solving, with the ability to tackle complex issues and find effective solutions, and the ability to review other people’s code, understand complex code interrelation and find critical security vulnerabilities.

• Collaborative Team Player: Ability to work seamlessly as part of a distributed team, contributing to collective goals and fostering a collaborative work environment, and the ability to work with upstream Open Source communities on public code.

• Proven experience of cryptography standards

• Proven experience of maintenance of legacy software

• Excellent communication skills, both written and orally, in English

• 5 years of C/C++ experience
• 5 years of experience in software analysis and security testing
• Excellent knowledge and understanding of the JVM language specification and the Java language
• Having a role (Author, Committer, Reviewer, etc..) with the upstream OpenJDK project is a plus
• Experience with penetration testing, white hacking and code breaking processes is highly desired
• Experience with FIPS and Post Quantum cryptography is highly desired
• Existing experience with the Java Garbage Collectors is a plus

IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.