SR SECURITY ANALYST

Introduction

IBM is looking for a Security Analyst with technical writing capabilities to join our compliance team. The successful candidate will be responsible for supporting Risk and Compliance and ensuring that cloud environments meet the required security standards. You will serve as a point of contact within our Information Security Government Risk & Compliance team. You will be responsible for working with internal security, technology, legal, and business stakeholders as well as with third party auditors to communicate compliance mandates and maintain compliance against published standards. You will support the compliance program to reduce compliance load and streamline program activities. You will be leading small and large technical document development efforts requiring you to ask questions others don’t. You’ll bring your technical and analytical background to develop and review documentation and presentations for our teams. You’ll help identify, analyze, and evaluate complex systems, policies, processes to ensure documentation follows the appropriate formats and content for its purpose.

Your Role And Responsibilities

• Support assessments and coordinate with internal and external stakeholders.
• Collaborate with internal teams to collect and review evidence, track status and provide guidance on what good practices look like.
• Maintain a current understanding of relevant compliance standards and regulations.
• Knowledge of multiple writing style guides and requirements using Microsoft (MS) Office product suite, including designing and developing in PowerPoint
• Assist in designing and implementing secure cloud solutions across AWS, Azure, IBM Cloud, and GCP.
• Collaborate with SecDevOps teams to integrate security into CI/CD pipelines,
• Ability to perform reviews and assure the quality of all written deliverables in support of a wide range of customer requirements
• Ability to communicate technical information to non-technical audiences
• Ability to work closely with Program Managers to collect writing requirements and make recommendations on technical document review
• Lead policy, procedure and documentation development
• Maintain a current understanding of relevant compliance standards and regulations.
• Support assessments and coordinate with internal and external stakeholders.
• Contribute to the assessment of and remediation to meet government and industry risk and compliance initiatives
  
  

Required Technical And Professional Expertise

• Demonstrated experience in IT security audit, compliance, or relevant regulatory experience
• Ability to translate technical and security requirements into common language.
• Willingness to learn new processes and standards as they evolve and adapt current approaches to maintain a high level of execution.
• Ability to deeply understand security controls and help improve its implementation.
• Experience with Amazon Web Services, Google Cloud, or Microsoft Azure Experience.
• Excellent writing, documenting, and communications skills
• Have an industry certification such as CISSP, CCSP, CISA, and CISM
  
  

Preferred Technical And Professional Experience

• Bachelor’s degree in computer science, Management Information Systems, or related discipline, or equivalent work experience.
• Willingness to learn new processes and standards as they evolve and adapt current approaches to maintain a high level of execution.
• Outstanding teammate but can work independently when required.
• Ability to deeply understand security controls and help improve its implementation.
• Demonstrated ability to work independently as a self-starter in a fast-paced environment.