Shire Jobs

Introduction

At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, lets talk.

Your Role and Responsibilities

As a 'Security & Compliance Project Manager', you will work alongside experienced professionals towards a common goal of delivering high-quality and secure products to our clients. You will proactively seek for improvement opportunities and will focus on innovation that matters; by learning new technologies and methods that can positively impact the product roadmap. This role also requires after hours paging for high-severity events related to all of the team's secure release requirements.

• You will be part of a strong, agile, and culture-driven development team responsible for building the Supply Chain Product for tomorrow.

• Organization,excellent communication skills, security related experience (preferred)

• The 'Security & Compliance Project Manager' should continuously consider the attack vectors and security weaknesses within their area or product offering and provide solutions to remediate those weaknesses. The person should be able to articulate and communicate to leadership team about the security posture of represented products/services. This overarching responsibility drives the requirement for the person to be proficient in the required skills listed below.

• Well Organized : Ability to work independently across multiple component teams, synthesize data into clear presentations to be shared with all stake holders

• Collaborative: Must collaborate with architects, developers, and non-technical stakeholders to drive security solutions.

• Respected: Proven track record in similar roles in industry. You will be expected to establish trust and respect with the development teams.

• Technical: Good grasp of computer science and technical understanding of micro-services architecture, SaaS, Cloud Security and Infrastructure.

• Growth Mindset: The world of security is highly dynamic and IBM is a company that thrives on innovation. Our Security and Compliance professional must possess a growth mindset to keep up with the ever-changing security landscape and seek opportunities to increase their breadth and depth of security topics."

Required Technical and Professional Expertise

• Total experience of 12+ years.

• 5+ years of working experience with software product development (preferably SaaS) organizations.

• 3+ years of working experience in a leadership or PM position, having worked acorss multiple teams, geographies and preferably in compliance related roles.

• Domain expertise in cloud software and infrastructure technologies.

• Very good knowledge and understanding in penetration testing methodologies and exploits (web applications, containers, APIs, network devices, databases, operating systems, and various cloud technologies).

• Ability to communicate highly technical aspects to Executives, IT staffs, CISO team, auditors, respectively.

• Demonstrated experience in successful driving and execution of compliance programs for common IT security standards/regulations: SOC1/2/3, ISO27K, HIPAA, PCI, FBA (formerly FFIEC), FedRAMP, GDPR, etc.

• Experience with and understanding of -

• Access Management - understand the concepts of need to know, least privilege, individual accountability, privilege access monitoring, access revalidation, etc. and ensure your service implements them. Know to avoid the use of shared IDs, excessive privileges, weak passwords, etc.

• Vulnerability Management - be able to regularly scan your systems and remediate any vulnerabilities found within required time frames

• Data Protection - understand the types of data your services deal with and have measures in place to protect that data (e.g. encryption in transit and at rest, locked down file permissions, etc.)

• Configuration Management - understand how to securely harden a system or application upon deployment

• Health Checking - know how to check that a system/application is configured correctly on an ongoing regular basis and remediate any issues within required time frames

• Logging & Monitoring - ensure there is a process in place to store key logs with data integrity in place to protect those logs and have a process in place to independently monitor those logs for any unusual activity

• Change Management - understand and follow the discipline of change management to ensure that changes to systems, applications and environments are properly planned and vetted to avoid disruption to their service

• Business Continuity - understand what business continuity requirements are necessary in your organization and actively participate in ongoing business continuity planning

• Risk Management - understand where there are gaps in compliance or areas of risk that need to be analyzed and addressed either by remediation activities or formal Risk Evaluations to ensure mitigation, executive awareness, and approval

• Audits - be prepared to support audits by providing evidence or being interviewed as required

• Common Attack Patterns - know what the common attack vectors facing the industry (e.g. CWE 25 or OWASP Top 10), be able to describe an attack, give a generic example of the payload"

Preferred Technical and Professional Expertise

• Good To Have - Certifications / Credentials - CISSP (preferred), CCNP/CCIE (preferred), CCSP, CISA/CRISC/CISM."

About Business UnitIBM Software infuses core business operations with intelligence-from machine learning to generative AI-to help make organizations more responsive, productive, and resilient. IBM Software helps clients put AI into action now to create real value with trust, speed, and confidence across digital labor, IT automation, application modernization, security, and sustainability. Critical to this is the ability to make use of all data, because AI is only as good as the data that fuels it. In most organizations data is spread across multiple clouds, on premises, in private datacenters, and at the edge. IBM's AI and data platform scales and accelerates the impact of AI with trusted data, and provides leading capabilities to train, tune and deploy AI across business. IBM's hybrid cloud platform is one of the most comprehensive and consistent approach to development, security, and operations across hybrid environments-a flexible foundation for leveraging data, wherever it resides, to extend AI deep into a business.

This job requires you to be fully COVID-19 vaccinated prior to your start date and proof of vaccination status will be required before your start date. During the Onboarding process you will be asked to confirm your vaccination status, in case you are unable to get vaccinated for any reason, you can let us know at that stage. Please let us know if you are unable to be vaccinated due to medical or religious reasons. IBM will consider such requests on a case by case basis subject to submission of required proof by the candidate before a stipulated date.

Your Life @ IBMIn a world where technology never stands still, we understand that, dedication to our clients success, innovation that matters, and trust and personal responsibility in all our relationships, lives in what we do as IBMers as we strive to be the catalyst that makes the world work better.

Being an IBMer means you'll be able to learn and develop yourself and your career, you'll be encouraged to be courageous and experiment everyday, all whilst having continuous trust and support in an environment where everyone can thrive whatever their personal or professional background.

Our IBMers are growth minded, always staying curious, open to feedback and learning new information and skills to constantly transform themselves and our company. They are trusted to provide on-going feedback to help other IBMers grow, as well as collaborate with colleagues keeping in mind a team focused approach to include different perspectives to drive exceptional outcomes for our customers. The courage our IBMers have to make critical decisions everyday is essential to IBM becoming the catalyst for progress, always embracing challenges with resources they have to hand, a can-do attitude and always striving for an outcome focused approach within everything that they do.

Are you ready to be an IBMer?

About IBMIBM's greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.

Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we're also one of the biggest technology and consulting employers, with many of the Fortune 50 companies relying on the IBM Cloud to run their business.

At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it's time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.

Location StatementWhen applying to jobs of your interest, we recommend that you do so for those that match your experience and expertise. Our recruiters advise that you apply to not more than 3 roles in a year for the best candidate experience.

For additional information about location requirements, please discuss with the recruiter following submission of your application.

Being You @ IBMIBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.