Security and Compliance Architect
Austin (Travis County) Architecture / Town planning
Job description
IBM Cloud Brokerage Services is IBM's solution for Hybrid Cloud Enablement, giving our client's IT organization visibility and governance, without sacrificing speed and business agility. Our solution is built on our recent acquisition of Gravitant. We continue to operate with a startup mentality but with access to the tremendous market reach of IBM. We are global in scale, with customers in Europe, North America, South American and Asia Pacific. We are panindustry in scope, delivering to a client base representing a range of industries including: telecommunications, retail, aerospace, financial services and others.
IBM Cloud Brokerage is a purpose-built suite of applications that enables a self-service ability to browse, search, order and fulfill services powered by a comprehensive, curated IT as a Service catalog spanning Public, Private and Hybrid Clouds and Traditional IT providers. It is a core component of IBM's strategic investment in the IBM Services Platform with Watson (ISPW), a complete and automated IT as a Service environment powered by the unmatched cognitive capability of Watson.
This Security and Compliance Architect role is part of a group deploying and managing complex Enterprise software solutions in the areas of cloud brokerage, cloud management, data center transformation, Enterprise Hybrid Cloud Architectures and IT Governance.
Our delivery organization is made up of functional teams managing (a) Client Advocacy, (b) Client Onboarding and Transformation, (c) Client Solution Engineering and (d) Client Services and Enablement.
The Cloud Brokerage Security Architect will serve as an expert in information security, with risk management mindset, knowledge across multiple security domains, technical solution designs and architecture, and leadership for implementing security capabilities and security controls.
Responsibilities:
• Serve as the principal cloud security architect for IBM Cloud Brokerage solution providing leadership on Cloud Security and architectural guidance on security compliance for the solution
• Provide consulting and security guidance on emerging threats, vulnerabilities, and security practices that may have an impact on the security posture of the customer's environment
• Lead Compliance for the solution including patching, health, vulnerabilities, Pen Tests, policies that may be BISO specific, regulations such as GDPR, Incident Response etc
• Serve as a dedicated focal point for managing security incidents (including anti-virus incidents) that occur in the customer's environment. Manage and coordinate delivery teams and customer communications
• Assist in support of external, internal audits, and self-assessments for audit-readiness. Participate in audit readiness programs to ensure the security policy reflect the contract
• Collaborate with Brokerage Client Onboarding and Transformation team to provide security oversight and assist accounts with deployment of required compliance tools, ensuring tools are setup prior to steady state.
• Meet with the stakeholders to review security status, review any risks, issues, incidents, outstanding activities, current and planned changes.
• Produce reports for compliance review sessions with IBM Executives, as well as sessions with the Sector leadership to discuss compliance and milestones and drive resolution of any compliance issues
• Recommend security improvements by assessing current situation, evaluating trends, and anticipating requirements
• Serve as the focal point for all security and compliance including IBM CIO office, SaaS Security office, BISO (Business Information Security Officer) and Brokerage Delivery Business Unit
• Advocate for best practices, tools and processes which can help become effective and efficient for adopting, reflecting and sharing for increased Security & Compliance
ibmbrokeragejobs
#adaytorefer IWD18HJNA IWD18&A
Auto req ID
126496BR
Required Education
Bachelor's Degree
Role ( Job Role )
Security Architect
State / Province
TEXAS
Primary job category
Architect
Company
(0147) International Business Machines Corporation
Contract type
Regular
Employment Type
Full-Time
ERBP
Yes
Is this role a commissionable/sales incentive based position?
No
Travel Required
No Travel
IBM Business Group
GTS
Preferred Education
Master's Degree
City / Township / Village
AUSTIN
EO Statement
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.
Required Technical and Professional Expertise
· 10+ years of Enterprise Information Security, Regulatory and Risk Management Skills, knowledge of Infrastructure, Middleware / Database, and Applications, IT trends and directions, infrastructure technologies, application of technologies, knowledgeable and adaptable to changes coming in the cloud environment and help the client manage their path through those changes & proven knowledge of transformation/transition strategies & roadmaps.
· 5+ years of knowledge of security tools and frameworks such as Cloud Security Alliance (CSA), International Organization for Standardization (ISO), National Institute of Standards and Technology (NIST) etc., knowledge of ITIL processes, working knowledge in one or more of the core security domains: Governance Risk and Compliance (GRC), Identity and Access Management (IAM), Security Operations, Application, Data or Infrastructure and Virtualization.
· CISSP, CISM or CISA certification required
Country/Region
United States
Preferred Technical and Professional Experience
· 2+ years of working knowledge of Hybrid Cloud architecture and security in virtualized/containerized workloads & SaaS solutions, and background in securing multi-tenant system, and/or architecting security controls in ‘cloud' systems
· TOGAF certification
· CEH certification
Eligibility Requirements
· None
Position Type
Professional
Early Professional Track
Not Applicable - Professional Hire
New Collar Role
No