Senior Security Architect

IntroductionSoftware Developers at IBM are the backbone of our strategic initiatives to design, code, test, and provide industry-leading solutions that make the world run today - planes and trains take off on time, bank transactions complete in the blink of an eye and the world remains safe because of the work our software developers do. Whether you are working on projects internally or for a client, software development is critical to the success of IBM and our clients worldwide. At IBM, you will use the latest software development tools, techniques and approaches and work with leading minds in the industry to build solutions you can be proud of.Your Role and ResponsibilitiesWe are looking for a Senior Security Architect to join our team, who can take on a security focal role leading & assisting on security issues and requirements across multiple Cloud services. The right candidate must help our development, operation, and compliance squads take the right actions, in a timely manner, to mitigate security exposure risks while working effectively with auditors, CISO/BISO teams, and management respectively. As a security focal, be quick to learn and have a willingness to lead by example to drive the tribe forward.The right candidate must thrive in a fast-paced environment, think like both an attacker and defender, and help our development squads take the right actions in the right time frames to mitigate security exposure risks. Discovery and gathering of security requirements and controls are essential while communicating implementation progress of those controls on a regular basis to management and senior leadership. This overarching responsibility drives the requirement for the focal to either be proficient in or actively seek to be proficient in the System Administration, Access Management, Patch Management, Vulnerability Management, Inventory Management, Data Protection, Health Checking, Logging & Monitoring, Change Management, Business Continuity, Risk Management, Audits, and Common Attack Patterns.Key Responsibilities Include:* Oversee security and compliance controls for production and non-production environments maintaining internal/external audit readiness.* Work with Service, CISO/BISO, and Audit (internal/external) teams to understand requirements, to investigate issues, and to ensure appropriate plans are in place to ensure compliance.* Identify security design gaps in existing and proposed architectures and recommend changes or enhancements.* Identify and communicate current and emerging security threats, including security patch management, vulnerability management, and dependency management.* Help create solutions that balance business requirements with company information and IBM security requirements.* Ensuring software products meet regulatory and security compliance requirements.* Take ownership of assignments & drive them to completion.* Work collaboratively across functional areas for innovation to turn new ideas into reality.* Continually seek to increase understanding of security requirements and lead others to strengthen knowledge along with applicationRequired Technical and Professional Expertise* Proven Communication, collaboration, and critical thinking skills* Experience working in security areas dealing with security controls, secure engineering, vulnerabilities, and audits, etc.* Experience with compliance programs such as FedRAMP, HIPAA, GDPR, SOC 2, ISO27K, PCI, NIST, ISO, or ITAR.* Knowledge and experience in delivery of documentation, policies, procedures, and processes as required for intended audiences.* Strong ability to communicate technical aspects of compliance & security to IT squads, CISO team, auditors, and management respectively.* Working knowledge of cloud technologies with the ability to describe security concerns and what the impact might be for an organization.* Practical experience in operations or process improvement and/or creation.Preferred Technical and Professional Expertise* 5+ years of demonstrating experience in successful driving and executing compliance programs for common IT security standards/regulations: SOC1/2/3, ISO27K, HIPAA, PCI, FBA (formerly FFIEC), FedRAMP, GDPR, etc.* Strong familiarity with OWASP Top Ten, NIST, and CIS* 3+ years of working experience with designing/building cloud infrastructure.* Experience using ServiceNow* Kubernetes/Containers knowledge and experience* Applied knowledge of the OSI model, most importantly the network (layer 3) and application (layer 7).* Domain expertise in cloud network infrastructure technologies.* Development and experience with various scripting/programming languages (Golang, Rust, Python, Bash, etc.).NoneAbout Business UnitDigitization is accelerating the ongoing evolution of business, and clouds - public, private, and hybrid - enable companies to extend their existing infrastructure and integrate across systems. IBM Cloud provides the security, control, and visibility that our clients have come to expect. We are working to provide the right tools and environment to combine all of our client's data, no matter where it resides, to respond to changing market dynamics.Your Life @ IBMWhat matters to you when you're looking for your next career challenge?Maybe you want to get involved in work that really changes the world? What about somewhere with incredible and diverse career and development opportunities - where you can truly discover your passion? Are you looking for a culture of openness, collaboration and trust - where everyone has a voice? What about all of these? If so, then IBM could be your next career challenge. Join us, not to do something better, but to attempt things you never thought possible.Impact. Inclusion. Infinite Experiences. Do your best work ever.About IBMIBM's greatest invention is the IBMer. We believe that progress is made through progressive thinking, progressive leadership, progressive policy and progressive action. IBMers believe that the application of intelligence, reason and science can improve business, society and the human condition. Restlessly reinventing since 1911, we are the largest technology and consulting employer in the world, with more than 380,000 IBMers serving clients in 170 countries.Location StatementFor additional information about location requirements, please discuss with the recruiter following submission of your application.IBM intends this job to be performed entirely outside of Colorado.Being You @ IBMIBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.