Security Consultant | GRC

Introduction

In this role, you’ll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.

Your Role And Responsibilities

As a Security Consultant, you’ll provide excellent technical guidance to customers transforming their environment to increase their cryptography assets in to a Post Quantum Computing higher level of compliance. You will provide best practices on secure foundational to cloud and on premisses development practices implementations, automated provisioning of infrastructure and applications, cloud-ready application architectures, and more. You’ll provide prescriptive guidance in ensuring customers receive the best of what we can offer and you will ensure that customers have the best experience in migrating, building, modernizing, and maintaining applications on a multi cloud environment. As a Security Consultant, you will be a key advisor for IBM’s clients, analyzing business requirements to design and implement the best security solutions for their needs. You will have high visibility at the most senior levels of customer organizations, including frequent interaction with CIOs, CISOs, CTOs, their staff, and senior leadership.

Preferred Education

Bachelor's Degree

Required Technical And Professional Expertise

For this position, professional will develop consulting work related to project strategy, governance and risk, including metrics & KPI definition. Professional will also be responsible to improve cyber business resilience documentation (continuity and disaster recovery plans) defining resilience SLOs as well. Its important that the professional is available to be some days per week at client location, to meet with the client.

Experience in GRC - Governance, Risk and Compliance consulting, cybersecurity risk management, audit, sarbanes-oxley or a related field;

Advanced understanding of GRC principles, cybersecurity frameworks, and regulatory compliance requirements;

Strong knowledge of governance, risk management frameworks (e.g., COSO, COBIT), and regulatory compliance requirements;

Familiarity with BCP methodologies, risk assessment techniques, and TPRM processes;

Experience in developing and delivering security awareness training programs and policy management frameworks;

Expertise with risk management methodologies, compliance tools, and audit processes;

Familiarity with GRC platforms (e.g., RSA Archer, OneTrust) and industry-specific regulatory standards (e.g., NIST, ISO 27001, GDPR, PCI-DSS) and regulations (e.g., GDPR, HIPAA, CCPA).

Preferred Technical And Professional Experience

Certifications: CISM, CISA, CRISC, ISO 27001 Lead Auditor, CISSP, or equivalent GRC certifications preferred;

Fluent english, spanish preferred.

Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Business, or a related field;