Introduction

Information and Data are some of the most important organizational assets in today's businesses. As a Security Consultant, you will be a key advisor for IBM's clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client's organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.

Your Role and Responsibilities

The Security Consultant is responsible for:

• Centralizing management of IT and Cyber Security Risks

• Providing guidelines and technical support in compiling the Public Cloud Exception and ensuring that risks associated are accurately identified, both in relation to IT and Cybersecurity Risks for cloud platform services

• Providing Risk reporting for various stakeholders in IBM Cloud on a periodic basis to ensure that risks are managed effectively

Tooling : Public Cloud Security Exceptions, WWBCIT

As a Security Consultant in our team, you will participate in some or all the following activities:

• Perform Risk Assessments / Controls Assessment as per NIST 800-53 for IBM Cloud platform

• Contribute to define and establish security strategies and ensure those are aligned with IBM standards, public cloud business objectives and are consistent with regulations

• Support the development and implementation of public cloud policy, standards, guidelines, tools, and documentation based on industry-standard best practices and compliance requirements, for consistent execution of risk management activities

• Provide subject matter expertise of appropriate enterprise programs, policies, and procedures to be compliant with all applicable regulations including ISO, SOC, HIPAA, PCI, FedRAMP/FISMA

• Define and perform Risk based metrics measurement for the Public Cloud offering and perform metrics measurement of the governance structure, of the security policies, etc.

• Create and monitor awareness and training program throughout the public cloud organisation to ensure risks are raised appropriately by service teams

Required Technical and Professional Expertise

• Bachelor's in technical discipline, Computer Science (or relevant)

• 5+ years' experience Cyber security program and management

• Extensive experience on IT Risk, Information Security governance and management

• Experience in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology

• Experience developing and managing a security metrics program

• Experience on regulatory compliance programs (like GDPR, FBA, FedRAMP/ FISMA, HIPAA, SOC 2, PCI, etc.) and audit procedures

• Strong knowledge of main Information Security standards and framework (NIST series, ISO 27000 series, CSA, etc.)

• Ability to understand enterprise business computing operations/requirements, and in particular, Cloud

• Basic knowledge of the critical security controls (Asset Management, Inventory Management, Access Management, Risk Management, System and Application Configuration, Data Integrity and Protection, Business Continuity, Network Security, Container Security, Patch Management)

• Basic technical knowledge and experience on security technologies (like Endpoint protection, Data Protection, Cloud Security, etc.) and on cyber security capabilities (SIEM, SOC, Vulnerability Management, Threat intelligence etc.)

• Advanced problem solving, analytical and communication skills to effectively interacts with technical subject matter expert as well as exec level stakeholders

Preferred Technical and Professional Expertise

• Security/privacy specific training/certification such as CRISC, CIPT, CISSP

• Experience with operations of data centers or Cloud, and network security, including security systems such as firewalls, intrusion detection, vulnerability scanning, OS patching, health checking

• Experience with container-based architectures and implementations such as Kubernetes, docker, etc.

• Project Management knowledge and experience

About Business UnitIBM Systems helps IT leaders think differently about their infrastructure. IBM servers and storage are no longer inanimate - they can understand, reason, and learn so our clients can innovate while avoiding IT issues. Our systems power the world's most important industries and our clients are the architects of the future. Join us to help build our leading-edge technology portfolio designed for cognitive business and optimized for cloud computing.

This job requires you to be fully COVID-19 vaccinated prior to your start date and proof of vaccination status will be required before your start date. During the Onboarding process you will be asked to confirm your vaccination status, in case you are unable to get vaccinated for any reason, you can let us know at that stage. Please let us know if you are unable to be vaccinated due to medical or religious reasons. IBM will consider such requests on a case by case basis subject to submission of required proof by the candidate before a stipulated date.

Your Life @ IBMIn a world where technology never stands still, we understand that, dedication to our clients success, innovation that matters, and trust and personal responsibility in all our relationships, lives in what we do as IBMers as we strive to be the catalyst that makes the world work better.

Being an IBMer means you'll be able to learn and develop yourself and your career, you'll be encouraged to be courageous and experiment everyday, all whilst having continuous trust and support in an environment where everyone can thrive whatever their personal or professional background.

Our IBMers are growth minded, always staying curious, open to feedback and learning new information and skills to constantly transform themselves and our company. They are trusted to provide on-going feedback to help other IBMers grow, as well as collaborate with colleagues keeping in mind a team focused approach to include different perspectives to drive exceptional outcomes for our customers. The courage our IBMers have to make critical decisions everyday is essential to IBM becoming the catalyst for progress, always embracing challenges with resources they have to hand, a can-do attitude and always striving for an outcome focused approach within everything that they do.

Are you ready to be an IBMer?

About IBMIBM's greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we're also one of the biggest technology and consulting employers, with many of the Fortune 50 companies relying on the IBM Cloud to run their business. At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it's time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.

Location StatementWhen applying to jobs of your interest, we recommend that you do so for those that match your experience and expertise. Our recruiters advise that you apply to not more than 3 roles in a year for the best candidate experience.

For additional information about location requirements, please discuss with the recruiter following submission of your application.

Being You @ IBMIBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.