Jr. Security Analyst

A career in IBM Software means you’ll be part of a team that transforms our customer’s challenges into solutions. Seeking new possibilities and always staying curious, we are a team dedicated to creating the world’s leading AI-powered, cloud-native software solutions for our customers. Our renowned legacy creates endless global opportunities for our IBMers, so the door is always open for those who want to grow their career.

IBM’s product and technology landscape includes Research, Software, and Infrastructure. Entering this domain positions you at the heart of IBM, where growth and innovation thrive.

We are seeking a motivated and detail-oriented individual to join our team as a FedRAMP Security Risk and Compliance Analyst. The successful candidate will be responsible for supporting Risk and Compliance within our Government services and ensuring that cloud environments meet the required security standards.You will serve as a point of contact within our Information Security Government Risk & Compliance team. You will be responsible for working with internal security, technology, legal, and business stakeholders as well as with third party auditors to communicate compliance mandates and maintain compliance against published standards. You will support the compliance program to reduce compliance load and streamline program activities.

·      Partner cross-functionally across the organization to support the implementation of technical, management, and operational controls, with a focus on controls required to deliver and operate regulated environments.

·      Partner with other team members to prepare and update government security artifacts.

·      Collaborate with internal teams to collect and review evidence, track status and provide guidance on what good practices look like.

·      Lead or contribute toward policy, procedure and documentation development

·      Maintain a current understanding of relevant compliance standards and regulations.

·      Support assessments and coordinate with internal and external stakeholders.

·      Develop and maintain KPIs, KRIs, and dashboards for reporting on assigned compliance programs weekly, monthly, quarterly, and annually.

·      Collaborate with team members to manage the continuous monitoring (ConMon) program, including internal and external reporting on vulnerabilities, tracking POA&Ms, and developing ConMon artifacts

·      Provide FedRAMP compliance consulting to our teams for both technical and non-technical audiences