14 days old

Security Risk Lead

Bengaluru, KA 560002
  • Job Code

At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, lets talk.

Your Role and Responsibilities
Who You Are

The candidate will be responsible to lead supplier security review program and execute the program from India. The candidate will develop and implement an automated solution to assess security capabilities of thousands of supplier products and services. The candidate will be leading a group of risk assessors in this role.

Candidate with technical expertise in leading technologies such as Cloud, Kubernetes, Containers, Data analytics or AI technologies or IoT is an added advantage. Candidates expertise in these areas will aid risk assessment of emerging suppliers with products and solutions based on these technological areas. This is not a compliance or audit function. On the other hand, this is not a security testing function.

What You Will Do
Job Responsibilities:
  • Develop supplier security review program using standard security questionnaires and third party vendor risk management tool
  • Test and deploy the program for a group of suppliers and expand the program to scale thousands of suppliers
  • Onboard and train new team members on the program
  • Conduct security review of third party products/ services to assess the security capabilities and risks to IBM / Customer data, IBM network and IBM products/ offerings
  • Identify areas of improvement, analyze and provide appropriate recommendations for mitigation of the risk
  • Working with the appropriate business users and experts, ensure that for any identified risk that require mitigating action, including vendor disengagement/replacement, a plan is developed and executed.
  • Monitor and drive mitigation actions.
  • Partner and coordinate closely with internal stakeholders (i.e. Business units, Business Unit Information Security executives, Procurement, Internal Audit, Legal, etc.) to facilitate and assess third party relationships.
  • Clearly articulate the risk areas and required mitigation action to senior management of Business units, CISO and cross-functional teams
  • Act as a subject matter expert to assist the business in identifying and mitigating risks on their supplier relationships.
  • Ensure appropriate security terms are included in supplier contracts

Required Technical and Professional Expertise
  • Minimum 5 years of experience in one of the following:
  • Experience in security architecture and solutioning
  • Experience in application security management
  • Experience running vulnerability scans or management
  • Experience in Security Operations Center (SOC)
  • Experience in managing network security
  • Experience in security technologies such as Identity & Access Management, encryption, DLP, etc.
  • Minimum 2 years of experience in one of the following:
  • Cloud application development, including working with Kubernetes, containers, dockers
  • Cloud infrastructure management management of Kubernetes, containers, cloud databases and applications
  • Experience in development, deployment or maintenance of data analytics and AI projects
  • Experience in development, deployment or maintenance of IoT applications and infrastructure

Preferred Technical and Professional Expertise
  • Experience evaluating third party security controls and status
  • Experience conducting risk assessment of problem areas
  • Risk management experience assessment, prioritization and remediation
  • Familiarity with SOC 2 Type 2 audits
  • ISO 27001 implementation knowledge
  • NIST 800-53 implementation experience
  • CISA
  • Preferred Certifications

About Business Unit
The IBM Finance organization is responsible for driving enterprise performance and transformation. We are the financial stewards of IBM, delivering IBMs financial strategy, developing new business models, and mitigating enterprise risk.Do you have a passion for creating business value? Join our team in accounting, financial planning, pricing, business controls, tax, treasury, business development (acquisitions & divestitures), and global financing.

Your Life @ IBM
What matters to you when youre looking for your next career challenge?

Maybe you want to get involved in work that really changes the world? What about somewhere with incredible and diverse career and development opportunities where you can truly discover your passion? Are you looking for a culture of openness, collaboration and trust where everyone has a voice? What about all of these? If so, then IBM could be your next career challenge. Join us, not to do something better, but to attempt things you never thought possible.

Impact. Inclusion. Infinite Experiences. Do your best work ever.

About IBM
IBMs greatest invention is the IBMer. We believe that progress is made through progressive thinking, progressive leadership, progressive policy and progressive action. IBMers believe that the application of intelligence, reason and science can improve business, society and the human condition. Restlessly reinventing since 1911, we are the largest technology and consulting employer in the world, with more than 380,000 IBMers serving clients in 170 countries.

Location Statement
For additional information about location requirements, please discuss with the recruiter following submission of your application.

Being You @ IBM
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.



  • Computers Software and Hardware
Posted: 2019-11-08 Expires: 2019-12-08

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Security Risk Lead

Bengaluru, KA 560002

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast