Security Consultant

Introduction
Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant, you will be a key advisor for IBM’s clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client’s organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.
Your Role and Responsibilities

• Sound Technology Knowledge on Security Solutions across multiple OEMs in Infrastructure Security Domain.
• Strong understanding of security operations concepts perimeter defense, insider threat, kill chain analysis, threat hunting, security metrics, MITRE ATTCK framework.
• User behavior analytics, Threat Modeling, Network EDR Hunting, Hunt through MITRE Framework, Hunt through Threat Intelligence, Hunt VIA Brand Intelligence Services, Blind Hunt analogy, Hunt Pivoting, Hunt by orchestration
• Facilitate the exchange of information, providing advice and operational support for Dark Web investigation for business requirements.
• Experience managing globally distributed technology and engineering teams\\ security services
• Strong leadership experience and ability to manage and mentor team of information security SMEs through the creation of high performing teams delivering measurable improvements
• Track record of operating and presenting to senior leadership level – CISO, CTO, CIO etc.
• Experience managing delivery budgets (up to multi-million s), defining OKRs
• Experience in capacity management, hiring, training, staffing
• Experience of service migration projects, cloud platforms and SOC
• Sound Understanding of Integrated Security Solutions across Network/DC/Cloud domains
• Strong documentations, presentation and communication skills
• Setting up the local operating model for information security teams.
• Defining governance/controls framework covering information security, data security, ownership, quality, regulations
• Skilled in maturity assessments, strategy/roadmaps
• Strong architectural knowledge with one or more of Modern information security platforms on on-prem
• Demonstrable experience and knowledge of risk management principles and frameworks
• Serve as a Infrastructure security expert in consulting strategy, design and plan, and prioritized action plan workshops
• Responsible for establishing Network & Security Architecture practice and adoption of architecture and standards methodology.
• Review customer context, analyze and produce Solution ideation, Solution designing.
• Provide Subject Matter Expertise for all Infrastructure Security solutions with heavy participation in new technologies/ customer requirements
• Participate Pre-Sales (RFP/RFI/RFQ) activities for all the Network & Security proposals
• Provide improvement opportunities and recommendations on Infrastructure security.
• Provide consultation service to support new Service Requests / Intake Process.
• Solutions value in reducing cost, solving problems, and improving productivity
• Perform technical presentations, Coordinate proof of Concepts and solutions
• Learn and keep up-to-date with the latest technology products
• Builds strong professional working relationships with stakeholders to resolves disputes, define technical solutions, and drive positive change within the program.
• Ability to be flexible, decision oriented, and motivated to support management initiatives

Required Technical and Professional Expertise

• BE / B.tech. IT/CS
• Between 7- and 12-years’ experience or more in cyber security field, at least 2 years experience as cyber security manager
• Contribute to the definition of new cyber security requirements (or review of existing) regarding 28 cyber topics (data security, cloud, IAM, asset management, etc..) applicable to all group entities
• Hosting and animation of workshops to share and discuss these new cyber security requirements with worldwide group experts
• Administration of sharing spaces that host these cyber security requirements (teams, sharepoint, etc…)
• Contribute to the definition/review of patterns (grouping) of these cyber security requirements, applicable to all group entities according to level of risk exposure, all within the group cyber security program
• Contribute to the evolution of these patterns (inclusion of new cyber security requirements) as notable group programs progress (such as Zero trust, DLP, etc…)
• Contribute to the definition of evidences to provide in front of each cyber security requirement
• Regularly discuss, share and challenge BNP PARIBAS entities’ on applicable patterns
• Contribute to the evolution of the group security program (cyber security requirements, evidences and their assessment) within Group GRC IT tool

Preferred Technical and Professional Expertise

• Ability to synthetize / simplify.
• Active listening
• Ability to share / pass on knowledge.
• Communication skills – oral & written.
• Ability to anticipate business / strategic evolution.
• Ability to set up relevant performance indicators.
• Ability to understand, explain and support change.