Security Consultant-Risk & Compliance

Introduction
Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant you will be a key advisor for IBM’s clients analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client’s organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.

Your Role and Responsibilities
As a Security Expert you will support multiple projects to ensure compliance with Security & Privacy regulations. Among the responsibilities for the role are the following:
• Engage with projects as a “perform resource” for project duration
• Work with PM to attend Risk Assessments
• Review and understand project scope to identify client and regulatory requirements
• Identify design and implement foundational client and regulatory controls by developing detailed processes and procedures based on most current Data Security & Privacy framework requirements
• Document and maintain a Risk / Incident Management Log and ensure project leadership review
• Work with project team to effectively execute controls per timing in Framework
• Perform continuous monitoring for compliance
• Drive any gap remediation activities
• Coordinate execution of end-of-project security activities

Required Technical and Professional Expertise

• Familiarity with one or more project management methodologies – mandatory
• Awareness or experience of various industry standard methodology (ISO27001 NIST COBIT etc)
• Capable of delivering work that meets/performs to functional requirements based on business requirements defined and approved by the client
• Strong Communication Skills (English) – mandatory

Preferred Technical and Professional Expertise

• Exposure to full life-cycle experience in large projects
• IT General Control Data Privacy work ISO27001 SOX InfoSec Frameworks and regulations; IT Risk and audit experience
• Preferred CISSP CISA CDPSE CRISC or PCI SQA Certified