In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.
Your role and responsibilities
* Conduct risk assessments and identify potential compliance issues in the organization's IT systemsand infrastructure* Develop and implement controls and mitigation strategies to address identified risks* Enable compliance with relevant laws, regulations, and industry standards, such as HIPAA, PCI-DSS,and NIST* Collaborate with cross-functional teams to implement security measures and enable compliance* Develop and maintain compliance documentation, including policies, procedures, and audit reports* Perform audits and vulnerability assessments to identify areas for improvement* Stay up to date with emerging threats and regulatory changes, and recommend updates to securitycontrols and compliance procedures* Provide training and guidance to employees on security best practices and compliance requirements
Required education
Bachelor's Degree
Preferred education
Master's Degree
Required technical and professional expertise
- Performs audit evidence collection, sampling, review
- Performs control operating effectiveness assessments
- Reviews relevant policies, standards, procedures and practices for compliance, control design strength, and effectiveness
- Reviews and understand relevant technical (e.g. architecture diagrams, data flow diagrams, engineering change tickets etc.) documentation as needed.
- May perform the following types of specific assessments:
- Critical System Review
- IT Cyber Routine Work Sample Review
- Engineering Modification Review
- Vulnerability Management Review
- IT Cyber Training Program Health
- Critical Asset Work Order Review
- Produces quality final written reports as requested
