The Security Consultant: Security Strategy, Risk & Compliance position is for an experienced security professional with demonstrated consulting experience who is able to deliver strategic security advisory services and conduct comprehensive information security assessments for key IBM clients.
Candidates should be experienced information security consulting professionals with demonstrated experience performing security assessments and acting as senior security strategy advisors at the Chief Information Security Officer (CISO) level. They should possess a proven record of IT and security thought leadership and be recognized for business as well as technical acumen by the customer set supported. It is preferred that the consultant have experience in gap analysis against multiple standards and frameworks, including Payment Card Industry (PCI) Data Security Standard (DSS), PA-DSS, ISO, HIPAA, NIST, etc., and experience in formulating security roadmaps to bridge existing gaps. Candidates must have demonstrated communication and presentation skills. Candidates must be self-starters and exhibit professional business conduct at all times.
Must be willing to travel up to 75%, depending on client requirements.
Required Technical and Professional Expertise
At least 5 years of experience in information security consulting (professional services consulting for end clients)
At least 5 years of experience in interfacing at multiple levels of client management and building relationships
At least 3 years of experience in supervising/managing and leading teams to success
At least 2 years of experience in managing complex projects and using project management skills
Basic knowledge in security industry regulations/standards (PCI DSS, HIPAA) and compliance frameworks (ISO 27002, CobiT)
Readiness to travel 75% annually, depending on client requirements.
Preferred Tech and Prof Experience
At least 7 years of experience in information security consulting (professional services consulting for end clients)
At least 5 years of experience in managing complex projects and using project management skills
At least 1 year of experience in a role as a Chief Information Security Officer
At least 1 year of experience in RSA Archer GRC process definition consulting
Certified in at least 1 of the following: PMP, CISSP, CISA and/or CISM
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.