Managing Security Consultant, IBM Security

Job Description
The Managing Security Consultant: Security Strategy, Risk & Compliance position is for an experienced security professional with demonstrated consulting experience who is able to deliver strategic security advisory services and conduct comprehensive information security assessments for key IBM clients.

Candidates should be experienced information security consulting professionals with demonstrated experience performing security assessments and working with senior team member to support senior security strategy advisors at the Chief Information Security Officer (CISO) level. Candidates should possess proven record of IT and security thought leadership and be recognized for business as well as technical acumen by the customer set supported. It is preferred that the consultant have experience in mapping to multiple standards and frameworks, including NIST Cyber Security Framework (CSF), ISO 27001 and 27002, Payment Card Industry (PCI) Data Security Standard (DSS) , etc. and have experience in formulating security roadmaps to bridge existing gaps. Candidates must have demonstrated communication and presentation skills. Candidate must be a self-starter and exhibit professional business conduct at all times and available to travel up to 50%.

Required Technical and Professional Expertise

  • English Fluent (verbal and written)
  • English and French Fluent (Verbal and Written) for Montreal location
  • At least 3 years experience in information security consulting (professional services consulting for end clients)
  • At least 3 years experience in interfacing at multiple levels of client management and building relationships
  • Working knowledge of Archer GRC
  • Strong knowledge in security industry regulations/standards and compliance frameworks (e.g., ISO 27002, COBIT, PCI DSS, ITIL, etc.)
  • Solid experience in IT controls mapping, Sarbanes-Oxley (SOX) IT general controls (ITGC) testing / re-testing, test validation, and reporting
  • Experience in providing subject matter expertise in designing and enhancing the IT risk / security metrics program
  • Experience in automation of IT metrics collection from various enterprise source systems, KPI / KRI analysis and trending, and executive reporting and dashboards


Preferred Tech and Prof Experience

  • Bachelor's Degree in Information Technology
  • At least 5 years experience in information security consulting (professional services consulting for end clients)
  • Certified in at least 1 of the following: PMP, CISSP, CISA and/or CISM
  • Canadian Level 2 Security Clearance
  • Candidates who are located in Toronto, Montreal or Ottawa, Canada.


EO Statement
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.


Back to top