Security Compliance SME
Washington, US
IBM
For more than a century, IBM has been a global technology innovator, leading advances in AI, automation and hybrid cloud solutions that help businesses grow.
Introduction
Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant, you will be a key advisor for IBM’s clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client’s organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.
Your Role and Responsibilities
The Security Compliance SME will be responsible Security Assessment and Authorization (SA&A)/ ATO and continuous monitoring of the client General Support System (GSS) and Applications during and after migration to the cloud (Azure Government). In addition, the security compliance SME will be responsible for reviewing and analyzing vulnerabilities for the GSS and applications within client environment. Will support the overall program security compliance activities including compliance with government issued guidelines and mandates such as OMB 14028, Zero Trust, logging and monitoring, encryption, etc.
Required Technical and Professional Expertise
Key Job Details
Role:Security Compliance SME Location:Washington, US Category:Consulting Employment Type:Full-Time Travel Required:No Travel Contract Type:Regular Company:(0147) International Business Machines Corporation Req ID:716919BR
Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant, you will be a key advisor for IBM’s clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client’s organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.
Your Role and Responsibilities
The Security Compliance SME will be responsible Security Assessment and Authorization (SA&A)/ ATO and continuous monitoring of the client General Support System (GSS) and Applications during and after migration to the cloud (Azure Government). In addition, the security compliance SME will be responsible for reviewing and analyzing vulnerabilities for the GSS and applications within client environment. Will support the overall program security compliance activities including compliance with government issued guidelines and mandates such as OMB 14028, Zero Trust, logging and monitoring, encryption, etc.
Required Technical and Professional Expertise
- 10+ years experience leading FISMA/NIST RMF/NIST 800-53 implementation and management
- 10+ years experience writing, reviewing, and maintaining ATO documentation including SSPs, POA&Ms, and security policies
- 10 years of experience with CSP (Azure Goverment) FedRAMP inheritable controls and Customer Responsibility Matrix (CRM) and can clearly elaborate roles and responsibilities and controls to the client.
- 10+ years of experience supporting/ responding to FISMA/ securiy audit data calls; provide relevant artifacts, and control implementation walk throughs.
- 7+ years’ experience applying hardening guidelines such as CIS benchmark and DISA STIGS and validating hardening implementation once complete
- Certified in industry recognized areas such as CISSP, CISA, or CISM
Preferred Technical and Professional Expertise
- Ability to collaborate and work well across teams (developemnt, infrastucture, applications, etc) and internal and external stakeholders
- 7+ years experience securing, documenting, and authorizing enterprise cloud environments
- 5+ years experience using Federal Governance, Risk, & Compliance (GRC) applications (CSAM, eMASS, Xacta, etc.)
- Expeience supporting independent assessors during the ATO process and annual security assessments.
- Experience with Cybersecurity Supply Chain Risk Assessment
- Excellent organization, collaboration, project management, and team leaership skills
- Strong communication skills and experience creating and delivering compliance status and metrics briefings to senior leadership
Key Job Details
Role:Security Compliance SME Location:Washington, US Category:Consulting Employment Type:Full-Time Travel Required:No Travel Contract Type:Regular Company:(0147) International Business Machines Corporation Req ID:716919BR
Projected Minimum Salary:$175,000 per year Projected Maximum Salary:$175,000-$209,000/year per year Date Posted:September 28, 2024
Job stats:
0
0
0
Category:
Compliance Jobs
Tags: Azure CISA CISM CISSP Cloud Compliance DISA eMASS Encryption FedRAMP FISMA Governance Monitoring NIST NIST 800-53 Risk assessment RMF Security assessment STIGs System Security Plan Vulnerabilities Zero Trust
Region:
North America
Country:
United States
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Security Operations Engineer jobsInformation Security Specialist jobsSenior Cybersecurity Engineer jobsInformation Security Officer jobsInformation Systems Security Officer jobsSenior Cyber Security Engineer jobsInformation System Security Officer jobsPrincipal Security Engineer jobsSenior Network Security Engineer jobsSecurity Consultant jobsChief Information Security Officer jobsSenior Penetration Tester jobsCloud Security Architect jobsStaff Security Engineer jobsSenior Information Security Analyst jobsIT Security Engineer jobsSecurity Specialist jobsCyber Security Specialist jobsThreat Intelligence Analyst jobsCybersecurity Consultant jobsCyber Security Architect jobsSecurity Operations Analyst jobsInformation System Security Officer (ISSO) jobsSenior Product Security Engineer jobsSenior Information Security Engineer jobs
RMF jobsCI/CD jobsEncryption jobsMalware jobsSDLC jobsSQL jobsIPS jobsForensics jobsGDPR jobsIDS jobsEDR jobsSplunk jobsTop Secret jobsFinance jobsDoDD 8570 jobsITIL jobsBash jobsOWASP jobsCompTIA jobsUNIX jobsTerraform jobsCRISC jobsIntrusion detection jobsSANS jobsGIAC jobs
TCP/IP jobsData Analytics jobsDocker jobsActive Directory jobsThreat detection jobsBanking jobsPolygraph jobsCCSP jobsClearance Required jobsOSCP jobsAnsible jobsSOAR jobsIT infrastructure jobsCyber defense jobsVPN jobsJavaScript jobsDNS jobsSOX jobsOracle jobsSecurity strategy jobsJira jobsSOC 2 jobsSAP jobsGCIH jobsArtificial Intelligence jobs