IBM Cloud Security Strategy, Risk and Compliance in Denmark

Job Description

The Cloud SSRC Senior Managing Consultant in the Europe Security Services Centre of Competence (CoC) is aimed at understanding how to deliver security strategy, risk and compliance services in relation to the Cloud. This requires demonstrating thought leadership, practice leadership, sales leadership and delivery leadership.

The delivery aspect of this role should focus on how to assist IBM clients with the transformation of security in terms of services both delivered to and on cloud environments. These should cover a range of cloud service models deployed across private, public, hybrid and/or multi-cloud (off and on-prem) environments.

There is an expectation that there will be increasing demand to work alongside IBM’s other key business units, in particular: Global Technology Services (GTS), Global Business Services (GBS), IBM Cloud as part of a larger move to cloud proposal or initial solution strategy.

Cloud SSRC Consultants will be required to develop and understand offerings which IBM will be developing and pursuing throughout 2018 and beyond for Business Development.

Marketing and Sales:

  • Be responsible for driving and assisting signings in Europe working closely with the individual Markets

  • Work with Europe solutions teams and across local Markets to provide content to drive deals that relate to cloud security transformation in multiple domains from Design, Build and Operate phases

  • Provide demonstration of IBM credentials in Cloud Security Strategy, Risk and Compliance as well as a good understanding of multiple domains IAM, Security Operations Consulting, Application and Data Security and Infrastructure Endpoint and Mobile Security

  • Drive security transformation offerings and be a focal point for Markets to help understand existing capabilities, offerings, client references and experiences

  • Act as a senior thought leader in cloud security transformation and SSRC domains internally in IBM and externally in marketing events and industry conferences

  • Ability to sell security solutions to the C-suite and the Board and existing relationships / examples of such interaction

  • Work closely with the global, regional and local solution design teams in developing client presentations and SOWs

Delivery

  • Key focal areas include:

  • Use and enhancement of Cloud Security Assessment Frameworks including IBM’s own assessment tooling to assess cloud strategy and maturity and to help develop an overall roadmap from cloud security transformation

  • HC3 Offering Development (with Europe/Global) – a global Cloud offering for continuous compliance, aimed at banks, financial services and other heavily regulated industries.

  • Secure System Development Life Cycle (SSDLC): Developing agile delivery frameworks using Cloud Security standards and mapping to the use of agile Software Delivery Lifecycle (SDLC) Models.

  • Delivery should centre around adopting an Agile approach to enable integration with delivery of Development and Operations and form a DevSecOps approach to delivering Cloud solutions.

  • Working with global and local teams, help organize project approaches and teams for client delivery

  • Participate in project delivery, to varying degrees depending on project complexity and geography needs

  • Help resolve program issues as they arise with senior leadership

  • Good understanding of Cloud architecture and industry standards are required

  • Establish strong client relationships in key accounts to help progress the Security Services portfolio

Practice

  • Provide global practice leadership by facilitating a community of like-minded practitioners to share and exchange ideas for practice growth and improvement

  • Contribute content and advice to the offering development process

  • Help shape the emerging model of the regionals Security practice

People

  • Help establish capability and skills models for the core domain

  • Become a role model for European and global practitioners in the core domain

  • Be a focal point to interview as part of practice building

Required Technical and Professional Expertise

  • Bachelor’s Degree

  • Working experience of industry compliance and security standards for traditional on-premise security including PCI DSS, ISO 27001, HIPAA, and NIST

  • Working knowledge of key cloud security standards e.g. NIST, ISO, CSA STAR etc.

  • Background knowledge of cloud service models (IaaS, Paas, SaaS etc), infrastructure and technology

  • Working knowledge in routing, firewall policy, Anti-DDoS, Web Application Firewall, Intrusion Prevention Systems, Security Information and Event Management, Identity and authentication, virtualisation, DevSecOps, micro services architecture.

  • Extensive track record in delivering large-scale, complex and multi-year security transformation programs / projects in various capacities (e.g. program director, programme manager, senior delivery/technical lead)

  • At least 10 years’ experience in management consulting, security consulting or systems integration in a top tier professional services firms or similar experience

Preferred Tech and Prof Experience

  • Knowledge of the cloud delivery, security and deployment models for IaaS offerings provided by at least one of IBM Bluemix, Amazon Web Services (AWS) and Microsoft Azure platforms.

  • An understanding of Cloud Access Security Broker (CASB) into SaaS services and integration of CASB to SOC/SIEM services.

  • Background knowledge to EU General Data Protection Regulations (GDPR) and other privacy regulations and standards related to the cloud (e.g. ISO/IEC 27018)

  • Master's Degree

  • At least 8 years’ experience in working with security consulting teams

  • At least 5 years’ experience in working in international deployment roles

  • At least 12 years’ experience in management consulting