Security Consultant | GRC
Introduction
In this role, you’ll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.
Your role and responsibilities
As a Security Consultant, you’ll provide excellent technical guidance to customers transforming their environment to increase their cryptography assets into a Post Quantum Computing higher level of compliance. You will provide best practices on secure foundational to cloud and on-premises development practices implementations, automated provisioning of infrastructure and applications, cloud-ready application architectures, and more. You’ll provide prescriptive guidance in ensuring customers receive the best of what we can offer and ensure that customers have the best experience in migrating, building, modernizing, and maintaining applications in a multi-cloud environment. As a Security Consultant, you will be a key advisor for IBM’s clients, analyzing business requirements to design and implement the best security solutions for their needs. You will have high visibility at the most senior levels of customer organizations, including frequent interaction with CIOs, CISOs, CTOs, their staff, and senior leadership.
Required technical and professional expertise
- Experience in GRC - Governance, Risk and Compliance consulting, cybersecurity risk management, audit, Sarbanes-Oxley or a related field;
- Advanced understanding of GRC principles, cybersecurity frameworks, and regulatory compliance requirements;
- Strong knowledge of governance, risk management frameworks (e.g., COSO, COBIT), and regulatory compliance requirements;
- Familiarity with BCP methodologies, risk assessment techniques, and TPRM processes;
- Experience in developing and delivering security awareness training programs and policy management frameworks;
- Expertise with risk management methodologies, compliance tools, and audit processes;
- Familiarity with GRC platforms (e.g., RSA Archer, OneTrust) and industry-specific regulatory standards (e.g., NIST, ISO 27001, GDPR, PCI-DSS) and regulations (e.g., GDPR, HIPAA, CCPA).
Preferred technical and professional experience
- Certifications: CISM, CISA, CRISC, ISO 27001 Lead Auditor, CISSP, or equivalent GRC certifications preferred;
- Fluent English, Spanish preferred.
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Business, or a related field;
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
mais rapidamente
