Introduction
IBM Consulting is IBM's consulting and global professional services business, with market leading capabilities in business and technology transformation. With deep expertise in many industries, we offer strategy, experience, technology, and operations services to many of the most innovative and valuable companies in the world. Our people are focused on accelerating our clients' businesses through the power of collaboration. We believe in the power of technology responsibly used to help people, partners and the planet.
Your Role And Responsibilities
* Lead the design and implementation of security architecture for cloud-based systems, ensuring the confidentiality, integrity, and availability of critical data and resources.
* Collaborate with cross-functional teams to assess, design, and integrate security controls into applications, infrastructure, and platforms across the organization.
* Perform risk assessments and vulnerability assessments to identify security gaps and recommend remediation strategies.
* Develop and maintain security policies, standards, and guidelines that align with industry best practices and compliance requirements.
* Develop Monitoring for analyzying security logs and alerts to identify potential security incidents or breaches and respond promptly to mitigate risks.
* Evaluate new technologies, tools, and frameworks to enhance security capabilities and ensure they meet the organization's security standards.
* Participate in security audits and assessments, providing documentation and evidence as needed to demonstrate compliance with regulatory requirements.
* Stay up to date with the latest security trends, threats, and vulnerabilities, and proactively adapt security strategies to address emerging risks.
* Baseline security clearance is required.
Required Technical And Professional Expertise
* Proven experience in security architecture (5+ Years in Security Architecting role), with a focus on cloud security and application security in complex, multi-cloud environments.
* In-depth knowledge of cloud platforms such as AWS, Azure, or Google Cloud, and experience implementing security controls and best practices within these environments.
* Strong understanding of application security principles, including secure coding practices, vulnerability management, and threat modeling.
* Familiarity with industry security frameworks and standards (e.g., NIST, ISO 27001, CIS), Cloud Security posture management (CSPM) and DevSecops.
* Relevant certifications such as Certified Cloud Security Professional (CCSP), Certified Information Systems Security Professional (CISSP), or Certified Application Security Engineer (CASE) are a plus.
* Excellent communication and collaboration skills, with the ability to work effectively with technical and non-technical stakeholders.