Cloud Security Compliance Manager

IBM

4

(722)

Bengaluru, India (Remote)

Why you should apply for a job to IBM:

  • 4.4/5 in supportive management
  • 82% say women are treated fairly and equally to men
  • 80% would recommend this company to other women
  • 91% say the CEO supports gender diversity
  • Ratings are based on anonymous reviews by Fairygodboss members.

    #737010BR

    Position summary

    will participate in some or all of the following:**

    • Providing subject matter expertise in the creation, implementation, and maintenance of appropriate enterprise programs, policies, and procedures to be compliant with all applicable regulations including ISO, SOC, HIPAA, PCI, FedRAMP/FISMA

    • Having the ability to utilize working knowledge of information security best practices such as: NIST 800 series, ISO 27000 series, GDPR, etc

    • Interpreting standards, requirements, and their application to the enterprise Cloud environment in the most reasonable and cost-effective manner

    • Developing, implementing, maintaining, and overseeing enforcement of security policies

    • Collaborating with security architects and technical security teams to define and implement security processes and procedures based on industry-standard best practices and compliance requirements. Defining the requirements and validating the procedures and audit testing methodology

    • Conducting regularly scheduled audits on systems and hosting third-party audits as required in order to maintain certifications and compliance certificates.

    • Working with the DevOps teams to prepare ongoing client reporting, information for prospective clients, and marketing materials

    • Providing training to teams as needed

    • Assisting team members and internal clients in addressing highly complex security issues applicable to enterprise environment

    Required Technical and Professional Expertise

    • Minimum of 16 years of relevant compliance experience and cybersecurity knowledge
    • Compliance Managers do not require dev experience, but it is an advantage. 14+years of security compliance audit experience would be more appropriate
    • Ability to utilize working knowledge of information security best practices such as: NIST 800 series, ISO 27000 series, GDPR, etc
    • Experience with compliance programs such as FFIEC or FedRAMP/ FISMA, HIPAA, GDPR, SOC 2, or PCI
    • Experience in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology
    • Ability to understand enterprise business computing operations/requirements, and in particular, Cloud
    • Ability to stand firm on issues yet be flexible and creative when working with customers to find effective solutions
    • Ability to understand and interpret laws and regulatory requirements related to information protection, and develop and implement appropriate processes to achieve and maintain compliance and reduce risk
    • Ability to lead multiple compliance programs for IBM Cloud Services
    • Ability to lead a team of 8 - 10 resources

    Education qualification.

    • Computer science BSc or equivalent

    • Security/privacy specific training such as CIPT, CRISC, CISSP, CISM

    Preferred Technical and Professional Expertise

    • Working in a change-controlled production environment.
    • Diagnosing the root cause of problems and propose solutions: Examples would be failed patches, tooling issues, false positives on system tests, authentication problems.
    • Expertise in system configuration, especially privilege control (for example sudoer configuration), and system level firewall (iptables)
    • An understanding of basic networking concepts: IPsec tunnels, firewalls, routers, public and private addressing.
    • Project Management knowledge and experience a strong plus
    • Experience with operations of data centers or Cloud, and networking security including security systems such as firewalls, intrusion detection, vulnerability scanning, OS patching, health checking
    • Experience with container-based architectures and implementations such as kubernetes, docker, etc.

    Why you should apply for a job to IBM:

  • 4.4/5 in supportive management
  • 82% say women are treated fairly and equally to men
  • 80% would recommend this company to other women
  • 91% say the CEO supports gender diversity
  • Ratings are based on anonymous reviews by Fairygodboss members.