Supplier Security Risk Management Lead

IntroductionAt IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, lets talk.Your Role and Responsibilities**Preferred location: North Castle/Armonk NY****Job Description**Looking for a dynamic security leader to join the Enterprise & Technology Security (E&TS) organization as we help drive an improved IT security & privacy posture at IBM. This is a demanding role and the candidate will be responsible for IBM's Supplier Security Risk Management (SSRM) program. The candidate will be based in Armonk, NY, and will have extensive, ongoing interaction with senior executives across various IBM locations.The Supplier Security Risk Management Program within IBM E&TS is a global program, responsible for identifying, assessing and mitigating cybersecurity risks in supplier engagements. The lead will be responsible for overall execution of the SSRM program including driving strategic direction and transformation as well as expansion of the program. The candidate will also be responsible for managing a team of resources (~20) working on the program. Supply chain attack is a key threat area for IBM and this is a critical function focused on addressing supply chain security risk.We're looking for a capable security leader with proven record of delivering global security programs.**Responsibilities** **of this Enterprise & Technology Security role include:**+ Provide strategic direction to the SSRM program to address the shifting and expanding supply chain risk+ Expand the program globally, to all Geographical locations+ Maintain and update existing tools and processes to improve and scale supplier security risk program; Deploy new tools and processes as required+ Implement a continuous monitoring program to alert when suppliers are subject to a security incident or serious exposure+ Lead, engage and motivate SSRM teams and drive execution of the program, leveraging agile techniques+ Provide clear and effective verbal and written communications and briefings to provide supplier security risk oversight and insight to E&TS and IBM leadership and associated governance committees+ Collaborate and work with stakeholders for successful delivery of the program (primary stakeholders include E&TS leadership, BISOs, Procurement, Cyber Legal)+ Will report into the Governance & Risk Management lead but will have a close working relationship with all E&TS and Procurement leadershipRequired Technical and Professional Expertise+ 15+ years of cybersecurity experience+ Thought leader in risk management and risk prioritization approach for effectively managing cyber security risks in digital era+ Expertise in third party or vendor risk management and GRC (Governance, Risk, and Compliance) implementation+ Strong knowledge of cybersecurity regulations, laws and standards+ Experience managing a team of senior security professionals+ Experience with cybersecurity metrics, dashboards and managing performance effectiveness and improvement+ Experience in working with diverse cross geography teams+ Self-motivated individual, comfortable working without close supervision while able to manage to deadlines+ Team player with proven ability to build strong cross-business relationships+ Effective communication and interpersonal skills written and oral; confident in interaction with senior management (both technology and business)Preferred Technical and Professional Expertise+ CISSP, CISA, CCSK, CCSP or CISM certifications+ 5 or more years of risk management experience, preferably in the field of third party risk management+ Extensive knowledge and experience in implementing industry standards such as NIST Cybersecurity Framework, HIPAA/ HITRUST, FFIEC, FedRAMP, ISO 27001, etc.About Business UnitIBM Systems helps IT leaders think differently about their infrastructure. IBM servers and storage are no longer inanimate - they can understand, reason, and learn so our clients can innovate while avoiding IT issues. Our systems power the world's most important industries and our clients are the architects of the future. Join us to help build our leading-edge technology portfolio designed for cognitive business and optimized for cloud computing.Your Life @ IBMWhat matters to you when you're looking for your next career challenge?Maybe you want to get involved in work that really changes the world? What about somewhere with incredible and diverse career and development opportunities - where you can truly discover your passion? Are you looking for a culture of openness, collaboration and trust - where everyone has a voice? What about all of these? If so, then IBM could be your next career challenge. Join us, not to do something better, but to attempt things you never thought possible.Impact. Inclusion. Infinite Experiences. Do your best work ever.About IBMIBM's greatest invention is the IBMer. We believe that progress is made through progressive thinking, progressive leadership, progressive policy and progressive action. IBMers believe that the application of intelligence, reason and science can improve business, society and the human condition. Restlessly reinventing since 1911, we are the largest technology and consulting employer in the world, with more than 380,000 IBMers serving clients in 170 countries.Location StatementIBM offers a wide range of resources for eligible IBMers to thrive both inside and outside of work. In addition to a competitive benefits program consisting of medical and life insurance, retirement plans, and time off, eligible employees may also have access to:*12 weeks of paid parental bonding leave. Family care options are also available to support eligible employees during COVID-19.*World-class training and educational resources on our personalized, AI-driven learning platform. IBM's learning culture supports your restless attitude to grow your skills and build the depth and scale of knowledge needed to achieve your career goals.*Well-being programs to support mental and physical health.*Financial programs that empower you to plan, save, and manage your money (including expert financial counseling, 401(k), IBM stock discount, etc.).*Select educational reimbursement opportunities.*Diverse and inclusive employee resource groups where you can network and connect with IBMers across the globe.*Giving and volunteer programs to benefit charitable organizations and local communities.*Discounts on retail products, services, and experiences.We consider qualified applicants with criminal histories, consistent with applicable law.IBM will not be providing visa sponsorship for this position now or in the future. Therefore, in order to be considered for this position, you must have the ability to work without a need for current or future visa sponsorship.Being You @ IBMIBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.