IBM Security Architect 

India, Karnataka, Bengaluru 

280015179

The Security Architect role focuses on continuous monitoring and strengthening of the Cloud security processes, aiming to ensure compliance with internal and external profiles and audits.

Responsibilities:

• Providing security and compliance subject matter expertise on cloud applications and platforms.
• Reviewing new cloud service offerings and partner technologies for potential information security risk as part of IBM’s change management and architecture review processes.
• Ensuring compliance of solutions against applicable standards, and in accordance with the IBM’s security, compliance, and privacy policies.
• Stay informed on emerging cloud technologies and evaluate vendor offerings to determine best fit for IBM’s business needs.
• Drafting technical documents for systems, architectures and processes.
• Collecting and validating security controls from IBM and external regulatory profiles.
• Identification of risks, threats, vulnerabilities and potential anomalous events flows.
• The definition of security processes for assurance, management and compliance.
• The design, integration and deployment of processes and architectures for end-to-end security, including Networks, Storage, Server Infrastructure, Management Applications and Systems.
• Staying current with industry regulations and standards, ensuring the organization’s adherence to relevant compliance frameworks including ISO 27K, SOC1 , SOC2 , HIPAA, HITRUST, PCI DSS, and IBM Cloud Financial Services.

Required Technical and Professional Expertise

• Bachelor’s degree in Computer Science, Information Security, or a related field.
• Minimum of 7 years of experience in a Security and Compliance relevant role or similar.
• Proven experience in security engineering and compliance roles.
• In-depth knowledge of security frameworks (ISO 27001, NIST, etc.) and compliance requirements, with specific experience in SOC1/SOC2, HIPAA, PCI-DSS and FS Cloud.
• Familiarity with industry best practices in areas such as access control, encryption, and identity management.
• Strong understanding of networking protocols, firewall management, and intrusion detection/prevention systems.
• Experience with security tools and technologies.
• Excellent communication and interpersonal skills.

Preferred Technical and Professional Expertise

• Master’s degree in Computer Science,Information Security, or a related field.
• Review the current enterprise cloud architecture to identify weaknesses and opportunities for improvement using cloud solutions.
• Actively participates in the vulnerability management program, including pre-deployment risk and compliance assessments.
• Conduct regular technical risk assessments of systems and infrastructure.
• Oversee and directly participate in the installation, configuration, and management of cloud security technologies.
• Manages cloud security projects as assigned.
• Actively participate in the maintenance and development of the cloud security roadmap.

Certifications (Preferred):

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Information Systems Auditor (CISA)