Apply Now    

Cybersecurity Strategic Risk Mgmt Lead Cloud or Application Security

  • Country:US
  • State:MULTIPLE
  • City:MULTIPLE CITIES
  • Category:Consultant
  • Required Education:Bachelor's Degree
  • Position Type:Professional
  • Employment Type:Full-Time
  • Contract Type:Regular
  • Req ID:142556BR
View Full Description
Job Description
This role is for Cyber Risk Team in IBM CISO organization which is globally responsible for managing cybersecurity risks, establishing risk management roles and responsibilities and implementing organization-wide risk management strategy.

Candidate will be responsible for proactive assessment and identification of cybersecurity threats and concerns of emerging technologies such as Cloud, container technology, IoT, mobile, APIs and risks of new operating models such as DevOps, social coding, increase reliance on 3rd parties, etc. in IBM environments. Candidate will be responsible to perform a detailed risk analysis of the identified strategic risks, including quantitative risk assessment, benchmarking with industry standards such as NIST, COBIT, ISO 27001, etc., learning best practices and providing cost-effective recommendations to mitigate the risk. The candidate should be able to articulate security risks to the business leaders and drive remediation of the risk.

Position must be based at either our Research Triangle Park, NC or Herndon, VA offices.

Responsibilities:
  • Serve as cybersecurity risk expert and advisor for senior management on emerging threat, attacks, vulnerabilities and security concerns
  • Socialize organization’s agile security risk management framework, collaborate and gather data points from across the organization to identify strategic security risks
  • Establish a methodology to identify strategic security risks/ concerns and drive remediation of the risk.
  • Embrace agile principles to deploy iterative and continuous process for proactive risk identification and assessment and leverage cognitive solution for automated data analysis and dashboard
  • Enable risk based decision making in security investments and prioritizations for IBM CISO and senior leadership teams.
  • Collaborate with Business Unit Information Security Officer (BISO), other senior executives and security and compliance functions across the organization to understand and articulate key security challenges and concerns.
  • Interlock with Enterprise Risk Management, Business Controls and Internal Audit function and provide an assurance on the strategic security risk management
  • Be knowledgeable about current security threats, events and breaches in the industry

Skills required:
  • Experience in cloud security architecture/ solution, data protection in cloud and security audits and assessments for cloud infrastructure
  • Should have hands-on experience in at least one of the areas: assessing the risk of DevOps environment, complex cloud network architecture or IoT environments
  • Broad domain knowledge and ability to keep abreast on emerging threats, vulnerabilities and attacks
  • Strong knowledge of cybersecurity industry standards, laws and regulations such as ISO 27001, NIST, HIPAA, FFIEC, FedRAMP, etc.
  • Ability to collaborate with numerous and diverse stakeholders in cross-geo locations working in different time zones
  • Ability to clearly articulate security risks and exposures to CISO leadership teams, BISOs and other executives and work with the business teams to mitigate the risk


Required Technical and Professional Expertise

  • 12-15 years of experience in cybersecurity field and at least 5 years of experience in cloud security.
  • Minimum 5 years of experience in implementation of GRC, risk management framework and standards
  • Professional certification in security or risk management
  • Good program and project management skills and technology expertise
  • Strong analytical & communication skills required


Preferred Tech and Prof Experience

  • Third party risk management
  • Knowledge on quantitative risk assessments such as FAIR is preferable
  • Broad domain knowledge on agile development methodologies


Preferred Education: Bachelor's Degree Commissionable: No
Apply Now    
Link for schema

Share this job