Cybersecurity Strategic Risk Mgmt Lead Cloud or Application Security in Many, LA at IBM

Date Posted: 5/16/2018

Job Snapshot

Job Description

Position: Cybersecurity Strategic Risk Management Lead
Location: Raleigh, NC or Herdon,VA
(Must be able to work onsite at one of these locations)

This role is for Cyber Risk Team in IBM CISO organization which is globally responsible for managing cybersecurity risks, establishing risk management roles and responsibilities and implementing organization-wide risk management strategy.

Candidate will be responsible for proactive assessment and identification of cybersecurity threats and concerns of emerging technologies such as Cloud, container technology, IoT, mobile, APIs and risks of new operating models such as DevOps, social coding, increase reliance on 3rd parties, etc. in IBM environments. Candidate will be responsible to perform a detailed risk analysis of the identified strategic risks, including quantitative risk assessment, benchmarking with industry standards such as NIST, COBIT, ISO 27001, etc., learning best practices and providing cost-effective recommendations to mitigate the risk. The candidate should be able to articulate security risks to the business leaders and drive remediation of the risk.

Position must be based at either our Research Triangle Park, NC or Herndon, VA offices.

  • Serve as cybersecurity risk expert and advisor for senior management on emerging threat, attacks, vulnerabilities and security concerns
  • Socialize organization’s agile security risk management framework, collaborate and gather data points from across the organization to identify strategic security risks
  • Establish a methodology to identify strategic security risks/ concerns and drive remediation of the risk.
  • Embrace agile principles to deploy iterative and continuous process for proactive risk identification and assessment and leverage cognitive solution for automated data analysis and dashboard
  • Enable risk based decision making in security investments and prioritizations for IBM CISO and senior leadership teams.
  • Collaborate with Business Unit Information Security Officer (BISO), other senior executives and security and compliance functions across the organization to understand and articulate key security challenges and concerns.
  • Interlock with Enterprise Risk Management, Business Controls and Internal Audit function and provide an assurance on the strategic security risk management
  • Be knowledgeable about current security threats, events and breaches in the industry

Skills required:
  • Experience in cloud security architecture/ solution, data protection in cloud and security audits and assessments for cloud infrastructure
  • Should have hands-on experience in at least one of the areas: assessing the risk of DevOps environment, complex cloud network architecture or IoT environments
  • Broad domain knowledge and ability to keep abreast on emerging threats, vulnerabilities and attacks
  • Strong knowledge of cybersecurity industry standards, laws and regulations such as ISO 27001, NIST, HIPAA, FFIEC, FedRAMP, etc.
  • Ability to collaborate with numerous and diverse stakeholders in cross-geo locations working in different time zones
  • Ability to clearly articulate security risks and exposures to CISO leadership teams, BISOs and other executives and work with the business teams to mitigate the risk

Not Ready To Apply?

Joining our Talent Network will enhance your job search and application process. Whether you choose to apply or just leave your information, we look forward to staying connected with you.