Technical Consultant: Risk & Compliance

Introduction
In this role, you’ll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world.​ Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.

A career in IBM Consulting embraces long-term relationships and close collaboration with clients across the globe.
You’ll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including IBM Software and Red Hat.
Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you’ll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.

Your Role and Responsibilities

• Experience in Internal Control, General Computer and Application Control Audit background.
• Knowledge and experience in various Information security standards / regulations / best practices (ISO-27001, COBIT, PCI-DSS, GDPR, HIPAA, SOC2, etc.
• Knowledge of efficient way to protect the system, networks, software, data and information systems against security threats.
• Experience collaborating with a team of security experts in a diverse set of security topics including, but not limited to, security architecture, financial controls and regulatory compliance, identity and access management, data loss prevention and privacy.

Required Technical and Professional Expertise

• Good understanding of, and experience with Information Risk Management, IT Security and Compliance and Security Controls and Audit.
• Understanding of internal and external IT security standards, SOX, PCI, SOC2/1, ISO27001 standards and relevant legal compliance aspects
• Good understanding of cloud security requirements and third-party control assurance.
• Ability to interface with different groups (Third parties, Business and IT) internal and external to IT (security) and to network globally across Group businesses, as well as with external groups.

Preferred Technical and Professional Expertise

• Knowledge of Data Security Standards: PCI DSS, Privacy Principles
• Driving Platform / Application security and compliance