IBM
Azure Security Compliance Lead
IBM, Durham, North Carolina, United States, 27703
IntroductionInformation and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant, you will be a key advisor for IBM’s clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client's organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.Your Role and ResponsibilitiesThe Azure Security Engineer will support a large team of infrastructure, security and application team during migration of on-prem and cloud applications to the client Azure Government enclave. The Azure security engineer will configure, operate and maintain Azure cloud native tools. The engineer will provide support for security assessment and authorization/ ATO process, security audits and will operate and maintain Azure security tools for security monitoring, analysis, and reporting.Required Technical and Professional Expertise
10+ years’ experience leading FISMA/NIST RMF/NIST 800-53 implementation and management10+ years’ experience writing, reviewing, and maintaining ATO documentation including SSPs, POA&Ms, and security policies10 years of experience with CSP ( Azure Government ) FedRAMP inheritable controls and Customer Responsibility Matrix (CRM) and can clearly elaborate roles and responsibilities and controls to the client.10+ years of experience supporting/ responding to FISMA/ security audit data calls; provide relevant artifacts, and control implementation walk throughs.7+ years experience applying hardening guidelines such as CIS benchmark and DISA STIGS and validating hardening implementation once complete.Ability to collaborate and work well across teams (development, infrastructure, applications, etc.) and internal and external stakeholders.7+ years’ experience securing, documenting, and authorizing enterprise cloud environments.5+ years experience using Federal Governance, Risk, & Compliance (GRC) applications (CSAM, eMASS, Xacta, etc.)Experience supporting independent assessors during the ATO process and annual security assessments.Experience with Cybersecurity Supply Chain Risk Assessment.Certified in industry recognized areas such as CISSP, CISA, or CISM. Azure Security Certification is preferred.Excellent organization, collaboration, project management, and team leadership skills.Strong communication skills and experience creating and delivering compliance status and metrics briefings to senior leadership.Ability to acquire a Public Trust Background investigation.U.S. Citizen.Preferred Technical and Professional Expertise
2+ years experience executing security compliance in multi-cloud or DevSecOps environments.2+ years experience coordinating across security, IT operations, audit, and development groups to achieve security outcomes.Security certification in one or more cloud environments (Azure, AWS, Google...) – Azure certification is preferred.
#J-18808-Ljbffr
10+ years’ experience leading FISMA/NIST RMF/NIST 800-53 implementation and management10+ years’ experience writing, reviewing, and maintaining ATO documentation including SSPs, POA&Ms, and security policies10 years of experience with CSP ( Azure Government ) FedRAMP inheritable controls and Customer Responsibility Matrix (CRM) and can clearly elaborate roles and responsibilities and controls to the client.10+ years of experience supporting/ responding to FISMA/ security audit data calls; provide relevant artifacts, and control implementation walk throughs.7+ years experience applying hardening guidelines such as CIS benchmark and DISA STIGS and validating hardening implementation once complete.Ability to collaborate and work well across teams (development, infrastructure, applications, etc.) and internal and external stakeholders.7+ years’ experience securing, documenting, and authorizing enterprise cloud environments.5+ years experience using Federal Governance, Risk, & Compliance (GRC) applications (CSAM, eMASS, Xacta, etc.)Experience supporting independent assessors during the ATO process and annual security assessments.Experience with Cybersecurity Supply Chain Risk Assessment.Certified in industry recognized areas such as CISSP, CISA, or CISM. Azure Security Certification is preferred.Excellent organization, collaboration, project management, and team leadership skills.Strong communication skills and experience creating and delivering compliance status and metrics briefings to senior leadership.Ability to acquire a Public Trust Background investigation.U.S. Citizen.Preferred Technical and Professional Expertise
2+ years experience executing security compliance in multi-cloud or DevSecOps environments.2+ years experience coordinating across security, IT operations, audit, and development groups to achieve security outcomes.Security certification in one or more cloud environments (Azure, AWS, Google...) – Azure certification is preferred.
#J-18808-Ljbffr