The Security Business Analyst uses audit process experience, operational audit controls knowledge and technical skills to support internal and external goals of Bluemix Infrastructure division of IBM Cloud. The Security Controls Examiner/Inspector, with limited supervision, will perform duties as a Single Point of Contact (POC) for audit participation requests received by the Cloud SOC. This includes fielding, directing, collecting and responding to audit evidence requests. The Security Business Analyst is also responsible for conducting quarterly reviews of critical controls operated by the Security Operations Center which impact the Bluemix Infrastructure division as a whole. Critical controls as defined by Security Operations Leadership are a collective from internal IBM controls, industry standard controls and governmental controls relevant to Bluemix Infrastructure Services. The Security Business Analyst is responsible for reporting measurement of required controls to the applicable compliance representatives during official testing for same controls annually or as scheduled. Identification and tracking of any deficits discovered during testing, either quarterly Security Team self-assessment or official testing for certification, are the responsibility of the Security Controls Examiner/Inspector. Immediate retesting and scheduled retesting thereafter of deficient controls are also assigned to the Security Controls Examiner/Inspector.
Auto req ID
Associate's Degree/College Diploma
Role ( Job Role )
State / Province
Primary job category
(0147) International Business Machines Corporation
Is this role a commissionable/sales incentive based position?
IBM Business Group
City / Township / Village
Being You @ IBM
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.
Required Technical and Professional Expertise
· Ensures delivery of Security Team governance, risk and compliance objectives for Bluemix Infrastructure division in IBM Cloud
· Perform single point of contact for assessment activities for the Bluemix IaaS Security Team
· Track multiple potential deficiencies as identified in assessments until resolution is sufficiently demonstrated
· Successfully engage in multiple security governance adherence initiatives simultaneously
· Perform subject matter expert role for audit and compliance requirements of the IBM Bluemix IaaS Cloud SOC and Security Team
· Identify and resolve GRC issues and conflicts within the Security Team
· Develop and deliver progress and remediation reports and presentations as directed by Security Team leadership
· Promote a risk-aware culture, ensure efficient and effective risk and security management practices by adhering to required standards and processes
Preferred Technical and Professional Experience
· Two plus years of governance, risk and compliance related work; preferably for cloud IT or security related business fields
· Experience with Business Process documentation and requirements gathering
· Experience working both independently and in a team oriented collaborative environment
· Recognize complex problems, analyze situations and provide suggested/implemented resolution(s)
· Ability to interact professionally with a diverse group including executives, managers and subject matter experts
· Ability to apply critical thinking to control and business risk interpretations
· Ability to understand concepts related to identifying and assessing cyber risks as applicable to controls frameworks
· Flexibility to conform to shifting priorities through analytical and problem-solving capabilities
· Prioritize work tasks and issues; direct work efforts and facilitate deficiency closure
· Exhibit excellent written and oral communications skills and professionals
Secondary Job Category
Technical Solutions Support Specialist
· Minimum two years of governance, risk and compliance related work, preferably for cloud IT or security related business fields
Early Professional Track
Industry Early Professional
IBM will not be providing visa sponsorship for this position now or in the future. Therefore, in order to be considered for this position, you must have the ability to work without a need for current or future visa sponsorship.
At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, lets talk.
Your Life @ IBM
What matters to you when you're looking for your next career challenge?
Maybe you want to get involved in work that really changes the world? What about somewhere with incredible and diverse career and development opportunities – where you can truly discover your passion? Are you looking for a culture of openness, collaboration and trust – where everyone has a voice? What about all of these? If so, then IBM could be your next career challenge. Join us, not to do something better, but to attempt things you never thought possible.
Impact. Inclusion. Infinite Experiences. Do your best work ever.
About Business Unit
Digitization is accelerating the ongoing evolution of business, and clouds - public, private, and hybrid - enable companies to extend their existing infrastructure and integrate across systems. IBM Cloud provides the security, control, and visibility that our clients have come to expect. We are working to provide the right tools and environment to combine all of our client's data, no matter where it resides, to respond to changing market dynamics.
IBM's greatest invention is the IBMer. We believe that progress is made through progressive thinking, progressive leadership, progressive policy and progressive action. IBMers believe that the application of intelligence, reason and science can improve business, society and the human condition. Restlessly reinventing since 1911, we are the largest technology and consulting employer in the world, with more than 380,000 IBMers serving clients in 170 countries.