As an IBMer, you can change the way the world works. Join IBM and be part of a diverse and global team of thinkers and doers—people who want to make an impact, cultivate their expertise and collaborate with some of the world’s top business and technology professionals. Network in an open, friendly and flexible work environment where diversity is embraced and new, creative ways of thinking are encouraged and supported. There is no better place to launch or further your career.
- Perform all aspects of the IBM Compliance Threat & Risk process
- Priority deliverable for the team
- Assessment, review and documentation of new threats and risks
- Review and renewal of current threat/risks
- Track risk approvals and take action as required when approvals not obtained
- Review and approve risk statements documented in policy exceptions until approved by the customer
- Facilitate the Executive Quarterly Risk Review process
- Execute and facilitate RCA process required from audits and reviews
- Create Control Noncompliance Issues resulting from IBM audits and reviews
- Identify, design and execute proactive compliance activities (for example: SCRs, ARRs,
- Deep Dives, compliance verification)
Required Technical and Professional Expertise:
- Minimum of three years performing Information Security activities within a large enterprise environment.
- CISSP or equivalent certification (or ability to obtain certification with in 12 months).
- Must have Hands-on Information Security experience including such items as: Leading quality review for compliance and monitoring of operational metrics. Deep dive activities and incorporating Milestones into resolution processes
- Leadership interface to IBM executives and account teams as well as technical delivery personnel
- Strong Excel and Access skills, with the ability to rapidly learn new tools and application
- Understanding of security standards and concepts and fundamental application infrastructure technologies: Operating System/networking, Middleware, Security, Databases, etc.
- Understanding of Unix, Mainframe, and Intel IT processing envronments
- Relevant experience in Risk and Compliance processes