Information Security Risk & Compliance

Information Security Risk & Compliance

Job Description:

Information Security

Provide consultation and security focus to the accounts regional management through the provision of advice, guidance, strategic planning and project management.
Provide an interface with the Account Customer Security Officers.
Provide a focal point for information security knowledge and security activities.
Take responsibility for the end-to-end security of the business process, managing,assessing and initiating implementation of all information security controls.

Remain independent and report directly to the Delivery Executive and Global SecurityProgram Manager.
Manage specific contract growth/ account opportunities using proven accountmanagement skills.
Direct the information security focus of the Accounts business within his/ her region,maintaining the strategy and plans for delivering the appropriate levels of security.
Understand the Account Security Requirements.

Ensure that contractual requirements for security are satisfied and that opportunities toimprove security are identified
Ensure that comprehensive documented security processes are implemented
Be conversant with the Account Security Policies, Standards and Guidelines.
Ensure the appropriate policies, standards & guidelines are in place to mandate the protection necessary for the business and to meet Account Security requirements.
Provide independent, informed and impartial guidance and in-house consultancy on information security matters and advise IBM competencies on the security implementation of the Account business within the region.
Represent the Account at a senior level on all information security matters relating to the operation and delivery of account services within the region.
Promote the visibility and awareness of information security within the account and resolve internal differences.
Update the senior account management regularly on security matters that affect the Accounts business.
Provide regional coordination of security activities and knowledge distribution.
Coordinate the Account security audit inspections within the region and in coordination with the Global Security Program Manager.

Assist with identifying risks that might expose the account through the use of IBM or Account services.
Lead investigations in the eventuality of serious security incidents within the region.
Manage Threat and Risk (TRA/ SER) processes, security issues and risks to an acceptable conclusion, SAP (Security Action Plan), ISeC and GSD331 related activities and processes
Drive the Security Operations Improvement plan. Review and discuss strategic directions for Security Services and future state.

Risk Assessment, Risk Management and Risk Mitigation.
Vulnerability Assessment and Penetration Testing.
Management of Security Services like Firewall, IDS/ IPS, Forward and Reverse Proxys, Security Event Logging and Management, URL Filtering, Email Security etc
Provide Specialist Consultation and Advise for Firewall, IDS/ IPS, Forward and Reverse Proxys, Security Event Logging and Management, URL Filtering, Email Security, New Security Product Evaluation etc.

Risk & Compliance:

Part of Risk & Compliance team providing regular cadence reviews to the Account & Compliance Team and driving compliance activities before they become overdue.
Review/ Verify the health of critical processes such as Health check, Patch Management, Risk and Issue Management.
For Overdues/ Delinquencies provide valid comments, justification, RCA and Action Plan and work with relevant stakeholders to ensure timely and proper resolution.
Ensure document management guidelines/ processes are adhered to.
Security Policy Implementation
Activities to be determined based on the projects / initiatives identified by Geo Compliance Leader.
Act as IT Audit response focal.

Provide IT pre-audit and post-audit support for both internal audits and external audits to understand and full fill data requests, understand findings/ conditions and
establish rightful ownership of the issues.
Facilitate the root cause analysis, identification of corrective and preventive actions and follow-up for closure.
Interlock with SARM, Global Sector Compliance Focal, Sector Executive and other relevant key stakeholders.
Provide periodic updates on Compliance posture.

Responsible & Accountable for ensuring smooth audit and compliance functions.
Lead different kinds of Compliance & Audit testing and deep dives.
Lead Compliance related Projects & Initiatives
Work with GEO, India & Global Compliance teams on all Compliance activities.
Have experience in reporting, presentations, Excel and other reporting tools.
Ability to understand Risk & Compliance framework and to integrate that to Account / Sector specific requirements
Ensuring a disciplined approach to issue management with focus on adhering to defined timelines and quality of action implementation
Play a consultative/ advisory role to the sector at large in terms of understanding and implementing key compliance processe

Salary: Not Disclosed by Recruiter
Industry: IT-Software / Software Services
Functional Area: IT Software – Network Administration, Security
Role Category: System Security
Role: System Security


accountsrisk managementproject managementcoordinationrisk assessmentaccount managementpoliciesipsstrategic planningsecurity operations

Desired Profile:

Education:UG -B.Tech/B.E. – Computers
PG – M.Tech – Computers
Doctorate – Any Doctorate – Any Specialization, Doctorate Not Required

Company Profile:

IBM has been present in India since 1992. IBM India’s solutions and services span all major industries including financial services, healthcare, government, automotive, telecommunications and education, among others. As a trusted partner with wide-ranging service capabilities, IBM helps clients transform and succeed in challenging circumstances.

IBM has been expanding its footprint in India – and has a presence in over 200 cities and towns across the country – either directly or through its strong business partner network. IBM India has clearly established itself as one of the leaders in the Indian Information Technology (IT) Industry – and continues to transform itself to align with global markets and geographies to grow this leadership position. Widely recognised as an employer of choice, IBM holds numerous awards for its industry-leading employment practices and policies.

The diversity and breadth of the entire IBM portfolio of research, consulting, solutions, services, systems and software, uniquely distinguishes IBM India from other companies in the industry.

To know more about business units at IBM India, click on the About Us link above.

Contact Details
Recruiter Name:HR
Telephone:Not Mentioned
Reference Id:38665BR