Security Compliance SME
Multiple Cities
IBM
For more than a century, IBM has been a global technology innovator, leading advances in AI, automation and hybrid cloud solutions that help businesses grow.
Introduction
A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe.
You’ll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat.
Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you’ll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.
Your Role and Responsibilities
The Security Compliance SME will be responsible for compliance related activities related to the SOC. This includes but not limited to providing input to the GSS SSP and ATO documentation; supporting governance and compliance activities of the SOC; policy and process development, SOC capability and ZTA assessment and audit support. In addition, the security compliance SME will be responsible for reviewing and analyzing vulnerabilities within client environment. Will support the overall program security compliance activities including compliance with government issued guidelines and mandates and SOC improvement activities.
Required Technical and Professional Expertise
10+ years experience leading FISMA/NIST RMF/NIST 800-53 implementation and management
10+ years experience writing, reviewing, and maintaining ATO documentation including SSPs, POA&Ms, and security policies
Familiarity with SOC Operations and required processes
10 years of experience with FedRAMP inheritable controls and Customer Responsibility Matrix (CRM) and can clearly elaborate roles and responsibilities and controls to the client.
10+ years of experience supporting/ responding to FISMA/ securiy audit data calls; provide relevant artifacts, and control implementation walk throughs.
7+ years’ experience applying hardening guidelines such as CIS benchmark and DISA STIGS and validating hardening implementation once complete.
Ability to collaborate and work well across teams (developemnt, infrastucture, applications, networking, etc) and internal and external stakeholders
5+ years experience using Federal Governance, Risk, & Compliance (GRC) applications (CSAM, eMASS, Xacta, etc.)
Expeience supporting independent assessors during the ATO process and annual security assessments.
Experiene developing polocies and processes
Certified in industry recognized areas such as CISSP, CISA, or CISM
Excellent organization, collaboration, project management, and team leadership skills
Strong communication skills and experience creating and delivering compliance status and metrics
Preferred Technical and Professional Expertise
2+ years’ experience coordinating across security, IT operations, audit, and development groups to achieve security outcomes
Key Job Details
Role:Security Compliance SME Location: Multiple Locations See All Washington Denver Bethesda Houston Manassas Category:Consulting Employment Type:Full-Time Travel Required:No Travel Contract Type:Regular Company:(0147) International Business Machines Corporation Req ID:730997BR
A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe.
You’ll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat.
Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you’ll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.
Your Role and Responsibilities
The Security Compliance SME will be responsible for compliance related activities related to the SOC. This includes but not limited to providing input to the GSS SSP and ATO documentation; supporting governance and compliance activities of the SOC; policy and process development, SOC capability and ZTA assessment and audit support. In addition, the security compliance SME will be responsible for reviewing and analyzing vulnerabilities within client environment. Will support the overall program security compliance activities including compliance with government issued guidelines and mandates and SOC improvement activities.
Required Technical and Professional Expertise
10+ years experience leading FISMA/NIST RMF/NIST 800-53 implementation and management
10+ years experience writing, reviewing, and maintaining ATO documentation including SSPs, POA&Ms, and security policies
Familiarity with SOC Operations and required processes
10 years of experience with FedRAMP inheritable controls and Customer Responsibility Matrix (CRM) and can clearly elaborate roles and responsibilities and controls to the client.
10+ years of experience supporting/ responding to FISMA/ securiy audit data calls; provide relevant artifacts, and control implementation walk throughs.
7+ years’ experience applying hardening guidelines such as CIS benchmark and DISA STIGS and validating hardening implementation once complete.
Ability to collaborate and work well across teams (developemnt, infrastucture, applications, networking, etc) and internal and external stakeholders
5+ years experience using Federal Governance, Risk, & Compliance (GRC) applications (CSAM, eMASS, Xacta, etc.)
Expeience supporting independent assessors during the ATO process and annual security assessments.
Experiene developing polocies and processes
Certified in industry recognized areas such as CISSP, CISA, or CISM
Excellent organization, collaboration, project management, and team leadership skills
Strong communication skills and experience creating and delivering compliance status and metrics
Preferred Technical and Professional Expertise
2+ years’ experience coordinating across security, IT operations, audit, and development groups to achieve security outcomes
Key Job Details
Role:Security Compliance SME Location: Multiple Locations See All Washington Denver Bethesda Houston Manassas Category:Consulting Employment Type:Full-Time Travel Required:No Travel Contract Type:Regular Company:(0147) International Business Machines Corporation Req ID:730997BR
Projected Minimum Salary:$159,457 per year Projected Maximum Salary:$159,457-$187,596/year per year Date Posted:October 7, 2024
Job stats:
0
0
0
Category:
Compliance Jobs
Tags: CISA CISM CISSP Cloud Compliance DISA eMASS FedRAMP FISMA Governance NIST NIST 800-53 Red Hat RMF Security assessment SOC STIGs System Security Plan Vulnerabilities
Perks/benefits: Career development
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Senior Security Analyst jobsInformation System Security Officer jobsSenior Cloud Security Engineer jobsInformation Security Manager jobsInformation Security Specialist jobsSenior Cybersecurity Engineer jobsSenior Network Security Engineer jobsSecurity Consultant jobsIT Security Engineer jobsCyber Security Specialist jobsSenior Penetration Tester jobsSecurity Specialist jobsSenior Information Security Analyst jobsSenior Cyber Security Engineer jobsChief Information Security Officer jobsSystems Engineer jobsSystems Administrator jobsInformation System Security Officer (ISSO) jobsSenior Product Security Engineer jobsCloud Security Architect jobsIT Security Analyst jobsPrincipal Security Engineer jobsStaff Security Engineer jobsSecurity Operations Analyst jobsCybersecurity Specialist jobs
DevSecOps jobsKubernetes jobsEncryption jobsPowerShell jobsIDS jobsSplunk jobsSaaS jobsEDR jobsSDLC jobsIPS jobsRMF jobsSQL jobsTop Secret jobsIntrusion detection jobsBash jobsCompTIA jobsThreat detection jobsITIL jobsFinance jobsOWASP jobsDoDD 8570 jobsCRISC jobsDocker jobsActive Directory jobsBanking jobs
UNIX jobsTCP/IP jobsVPN jobsGIAC jobsTerraform jobsSANS jobsClearance Required jobsIT infrastructure jobsHIPAA jobsSOX jobsSOC 2 jobsOSCP jobsCISO jobsIndustrial jobsJavaScript jobsCCSP jobsData Analytics jobsDNS jobsSOAR jobsPolygraph jobsJira jobsAnsible jobsMITRE ATT&CK jobsCyber defense jobsGCIH jobs