The Cloud Risk & Controls Specialist provides support for those looking to take a risk-centric approach to their digital transformation for application modernization to cloud. This role also helps clients and internal IBM partners to understand key security issues, risks, exposures, and helps develop approach to meet business needs. Key areas of responsibility include:
Control MappingsConduct control mapping assessments and produce formal reports showing how the IBM Cloud Framework for Financial Services control requirements compare to key industry and regulatory standards/requirements, as well as financial institutions' (FIs) internal control frameworks
Assess whether FIs have a scrutable control set managed by a strong enterprise risk management function
Hold discussions with internal stakeholders and clients on an 'as needed' basis to walk them through the results of various mapping assessments
Employ data analytics tools and related automation, e.g. AI, to drive controls intake process and initial gap analysis
Provide organization and thought leadership to ensure that the overall mapping program remains agile, rapid and scalable
Develop program assessment methods to drive efficiencies and evaluate service for ongoing improvement
Ensure program initiatives continue to align to organizational objectives
Oversee multiple in-flight assessments, ensuring program aims are delivered in a timely manner
Evaluate and overcome program risks and produce program reports for internal management & other key stakeholders
Maintain team's Key Performance Indicators (KPIs) and Service Level Agreements (SLAs)
FS Validations & Risk AssessmentsPartner with IBM Cloud Service/Software, IBM Cloud BISO, Infrastructure, and ISV Ecosystem teams to complete risk evaluations enabling FS Validation approvals for IBM Cloud Services/Software, MZRs, and ecosystem partners (ISVs)
As part of risk assessments, identify risks, threats, vulnerabilities, potential anomalous flows and interactions, considering potential mitigating/compensating factors
Help support development of internal and client-facing collateral providing insights and transparency into the FS Validation and risk assessment processes
IBM Cloud Framework for Financial ServicesSupport effectiveness and continuous enhancement of the FS Controls Framework and associated methodology by identifying/documenting additional requirements, based on the outcome of controls mapping efforts, that further drives the security and risk architecture
Coordinate with the IBM Cloud BISO, Compliance teams, Offering Management, and strategic partners in confirming completeness and on-going enhancements of the FS Controls Framework
Provide subject matter expertise to strengthen controls design and implementation effectiveness