Cybersecurity Risk Assessor Job in IBM in Banglore |8+ Years|

  • Exp. Jobs
  • Full Time
  • IT/Software Jobs
  • Salary: 55000-145000
  • Exp. 8+ Years

Website IBM

Job responsibilities:

  1. Conducting security reviews of third-party products/services to assess the security capabilities and risks of IBM / customer data, networks and IBM products or offerings
  2. Identify and analyze areas of improvement and provide appropriate recommendations for risk mitigation
  3. Working with appropriate business users and experts, ensuring that any identified risk, which requires mitigation action, including displacement/replacement of the vendor, develops and executes a plan.
  4. Monitor and drive mitigation actions.
  5. Coordinate closely with internal stakeholders (ie business units, business unit information security officers, procurement, internal audit, legal, etc.) to facilitate and assess third party relationships.
  6. The mitigation action is required for senior management of clearly at-risk areas and business units, CISO and cross-functional teams
  7. Work as a subject matter expert to help businesses identify and mitigate risks on their supplier relationships.
  8. Ensure that appropriate security terms are included in supplier contracts
  9. Minimum of 2 years experience in one of the following:
    Cloud application development, including working with Kubernetes, containers, dockers
  10. Cloud Infrastructure Management – Management of Kubernetes, containers, cloud databases and applications
  11. Experience in developing, deploying or maintaining data analytics and AI projects
  12. Experience in developing, deploying or maintaining IoT applications and infrastructure

Essential technical and professional expertise

Total 8 years experience in IT or information security field, minimum 3 years experience in any of the following:

  1. Experience in security architecture and solutions
  2. Experience in application security management
  3. Experience running vulnerability scans or management
  4. Experience in Security Operations Center (SOC)
  5. Experience in managing network security
  6. Experience in security technologies such as identity and access management, encryption, DLP, and more.e

Preferred Technical and Professional Expertise

  1. Experience in third party security control and status evaluation
  2. Experience performing risk assessment of problem areas.
  3. Management Experience – Assessment, Prioritization and Avoidance
  4. Familiar with SOC 2 Type 2 audit
  5. ISO 27001 Implementation Knowledge
  6. NIST 800-53 Implementation Experience

Preferred Certificate:

  1. CISSP
  2. CISA
  3. CRISC

To apply for this job please visit

2019-2020 © All Rights Reserved by