Cyber Risk Lead in Durham, NC at IBM

Date Posted: 10/17/2018

Job Snapshot

Job Description

Our team is part of chief information security office, responsible for protecting digital assets in the enterprise, by proactively identify the risks, deploy modern technologies to protect the enterprise, continuously monitor for active threats and respond rapidly. Our team has highly motivated, innovative and out-of-the box thinkers to continuously improve the security posture in an ever-changing environment.

Your Job

Successful candidate will be a Cybersecurity Lead, responsible for leading Cybersecurity risk management program by defining and implementing risk management framework, risk metrics and dashboard, risk appetite for the entire enterprise to improve the cybersecurity posture and minimize cybersecurity risk exposures. Additionally, this leader will manage the operations including, finances, organization planning, education and communications. This leader will play both an executive advisor and hands-on role requiring deep Cybersecurity subject matter expertise with demonstrated communication skills for active collaboration across various business units in IBM.

Responsibilities :
  • Serves as a leader for cyber security risk domain, developing, implementing and managing the firm’s global cybersecurity risk management strategy, framework and approach.
  • Conduct appropriate risk and control challenge and assessment activities to ensure integrated understanding and monitoring of system risks.
  • Develop and execute comprehensive risk-based assessments of the firm’s enterprise and business specific cybersecurity risk profiles.
  • Define KPIs to measure enterprise-wide security effectiveness and support Business Unit cybersecurity risk management program governance
  • Through objective verbal and written communications and briefings to provide cybersecurity risk oversight and insight to firm Governance Committees and Senior Management.
  • Identify global cybersecurity regulatory, legislative, and industry specific compliance requirements and applicability to each line of business.
  • Ensure business level cyber security risk assessments are conducted inclusive of annual entity assessments and appropriate third party and supplier risk assessments
  • Oversee the establishment of cybersecurity risk appetite statements applicable to the cybersecurity risk profile for each business unit.
  • Develop robust metrics and reporting to clearly articulate the security posture of each business unit.

Not Ready To Apply?

Joining our Talent Network will enhance your job search and application process. Whether you choose to apply or just leave your information, we look forward to staying connected with you.