The Security Architect role focuses on the design of business-driven Information Technology solutions to meet security requirements related to function, protection, assurance, risk management and compliance.
The scope of work includes:the collection and validation of requirements,
the identification of risks, threats, vulnerabilities, potential anomalous flows and interactions,
the definition of the security processes for assurance, management and compliance,
the definition of security subsystems, and
the design of integration and deployment architectures for security in Networks, Infrastructure, Middleware, Applications and Systems & Service Management systems.
Depending on the area of work, the Security Architect may perform evaluation and selection of the components, design of hardware, software, process and service components of the solution, assurance of deployment architectures, and guide secure engineering practices in development.
Utilizes knowledge of the product/deliverable/process and client usage to pinpoint opportunities for enhancement Identifies issues, potential underlying causes, and proposes opportunities for enhancement Independently devises and solutions innovative solutions leveraging analytical skills and business acumen to create value propositions Generates and leverages intellectual assets to advance digital self-service goals
Responsibilities:Review and assess IBM Data & AI services, and applications as per defined by the IBM's Security and Privacy by Design (SPbD) framework.
Identify security design gaps in existing and proposed architectures and recommend changes or enhancements.
Lead the efforts to streamline the security processes and tooling through the active participation in "Design Thinking" sessions for process and tooling changes and enhancements.
Engage, collaborate, and build trusted relationships with product managers, developers, and other security engineers.
Develop guidance and enablement material to produce secure software, services and applications that align with IBM's commitments to customers and IBM's IT Security Standards.
Advise, Design, implement enterprise-class secure software/services.
Align company standards, industry regulations, frameworks and security with overall business and technology strategy.
Identify and communicate current and emerging security threats.
Design security architecture elements to mitigate threats as they emerge.
Assess risk and develop mitigation and remediation plans for security findings in services and applications.