Introduction
IBM Consulting is IBMβs consulting and global professional services business with market leading capabilities in business and technology transformation. With deep expertise in many industries we offer strategy experience technology and operations services to many of the most innovative and valuable companies in the world. Our people are focused on accelerating our clientsβ businesses through the power of collaboration. We believe in the power of technology responsibly used to help people partners and the planet.
Your role and responsibilities
- Lead the design and implementation of security architecture for cloud-based systems ensuring the confidentiality integrity and availability of critical data and resources.
- Collaborate with cross-functional teams to assess design and integrate security controls into applications infrastructure and platforms across the organization.
- Perform risk assessments and vulnerability assessments to identify security gaps and recommend remediation strategies.
- Develop and maintain security policies standards and guidelines that align with industry best practices and compliance requirements.
- Develop Monitoring for analyzying security logs and alerts to identify potential security incidents or breaches and respond promptly to mitigate risks.
- Evaluate new technologies tools and frameworks to enhance security capabilities and ensure they meet the organization's security standards.
- Participate in security audits and assessments providing documentation and evidence as needed to demonstrate compliance with regulatory requirements.
- Stay up to date with the latest security trends threats and vulnerabilities and proactively adapt security strategies to address emerging risks.
- Baseline security clearance is required.
Required education
Bachelor's Degree
Required technical and professional expertise
- Proven experience in security architecture (5+ Years in Security Architecting role) with a focus on cloud security and application security in complex multi-cloud environments.
- In-depth knowledge of cloud platforms such as AWS Azure or Google Cloud and experience implementing security controls and best practices within these environments.
- Strong understanding of application security principles including secure coding practices vulnerability management and threat modeling.
- Familiarity with industry security frameworks and standards (e.g. NIST ISO 27001 CIS) Cloud Security posture management (CSPM) and DevSecops.
- Relevant certifications such as Certified Cloud Security Professional (CCSP) Certified Information Systems Security Professional (CISSP) or Certified Application Security Engineer (CASE) are a plus.
- Excellent communication and collaboration skills with the ability to work effectively with technical and non-technical stakeholders.