You will work across our global teams and diverse stakeholders (security focals, executive program and delivery managers, regulatory and compliance certification experts, product management, IT, and business teams) to monitor, drive plans and deliver key security compliance metrics, analyze audit data, identify gaps, and contribute to the continuous improvement of IBM cloud security and compliance posture. Additionally, you will leverage your analytical skills to create dashboards, generate compliance reports, and support internal and external audits through data-driven insights.
Generate compliance reports from an existing dashboard or build requirements to create a new reporting dashboard
Proactively monitor, track, and report on security compliance status across systems and processes.
Analyze large datasets to identify trends, anomalies, and compliance risks.
Support security audits, assessments, and certification efforts through data collection and analysis.
Possess strong communication skills and collaborate with cross-functional matrix teams to drive root cause analysis, corrective actions, and improvements based on data insights.
Maintain and enhance compliance reporting dashboards and metrics for leadership visibility and decision making.
Experience working with security architects and technical security teams to define and implement security processes and procedures based on industry-standard best practices and compliance requirements. Defining the requirements and validating the procedures and audit testing methodology.
Working with the development teams to ensure that automation of evidence collection and evidence management is always in line with compliance expectations; where it is not, identifying specific actions and owners to meet the expectations.
Assisting team members in addressing highly complex security issues applicable to an enterprise environment.
Ability to utilize project management principles to properly scope compliance work efforts by service lines, identify common areas of work, and create measurable milestone plans across service lines to enable completion of compliance work items on time.
Ability to manage multiple priority projects simultaneously under a short timeline.
Experience or familiarity with enterprise risk management (ERM) frameworks, service delivery operations, and the software development lifecycle, and the ability to understand when to request and integrate risk items into compliance reporting.
Experience with compliance programs such as FedRAMP/FISMA, HIPAA, GDPR, SOC 2, PCI, NIST, ISO, ITAR, etc.
Conducting regular reviews on compliance progression of systems and hosting internal audit/assessment as required to maintain compliance certifications.
Ability to translate and interpret regulatory compliance requirements into technical controls.
Ability to understand cloud enterprise business computing operations and requirements, and to communicate effectively to service lines what is expected in order to consider a work item complete. Good understanding of network security, including security systems such as firewalls, intrusion detection, vulnerability scanning, OS patching, and health-checking.
Diagnosing the root cause of problems and proposing solutions; examples would be failed patches, tooling issues, false positives on system tests, and authentication problems. Driving and tracking audit, security and compliance finding remediation to closure.
Experience with an enterprise Configuration Management Database (CMDB) or IT asset inventory management. Understand the CMDB's structure, data quality, relationships between CIs (Configuration Items), and updates. Use the CMDB for risk, audit, and compliance analysis and reporting.
Proficiency in SQL, Excel (advanced level: pivot tables, macros), and ServiceNow — data analytics and visualization functionalities.
Ability to process large datasets, identify and handle missing data, data transformation, normalization, and data quality checks.
Ability to perform data analysis to discover patterns and trends to mitigate security risks and drive business results.
Work with stakeholders to define key metrics and KPIs; develop dashboards and reports for business users.
Collaborate with database engineers, data owners, security focals, product managers, and broader metrics teams to understand data needs.
Results-oriented, with intense focus on achieving both short- and long-term goals. He/she should be able to drive and execute an agenda in a fast-paced, dynamic environment.
Strong project management skills, with the ability to design visually appealing presentations.
Strong collaboration, problem-solving and critical-thinking abilities.
Excellent communication skills — ability to explain technical findings to non-technical audiences.
Good time management, organizational skills, and ability to prioritize tasks.
Curiosity and a continuous learning mindset.
Highly organized, with strong attention to detail and analytical and project management skills.
Work independently within a team-focused organization.
Experience or familiarity with cloud service models; IaaS preferred.
Project management and consulting experience is a plus.
Experience with process automation is a plus.
Experience with Linux Shell, Perl or Python is a plus.