Introduction
IBM Infrastructure is a catalyst that makes the world work better because our clients demand it. Heterogeneous environments, the explosion of data, digital automation, and cybersecurity threats require hybrid cloud infrastructure that only IBM can provide.
Your ability to be creative, be a forward-thinker, and focus on innovation that matters is supported by our culture of growth and career development across our teams. Collaboration is key to IBM Infrastructure success as we bring together different business units that balance priorities to best serve our clients' needs.
Your Role And Responsibilities
- Monthly POA&M Gathering: Collect and analyze findings from Monthly Plan of Action & Milestones (POA&M) reports to identify, track, and manage cybersecurity vulnerabilities.
- Team Communication: Act as the primary point of contact for vulnerability status updates, liaising with various teams to ensure timely resolution of identified issues.
- Vulnerability Analysis & Assignment: Perform thorough analysis of vulnerability scan results, prioritize risks, and assign appropriate remediation tasks to relevant teams based on their expertise.
- NIST 800-53 Compliance: Demonstrate a strong understanding of NIST 800-53 security control requirements and ensure adherence within IBM's environment.
- FedRAMP Continuous Monitoring (ConMon) Knowledge: Possess in-depth knowledge of FedRAMP ConMon requirements, including the ability to create relevant Key Performance Indicators (KPIs) for our ConMon team.
- Vulnerability Tracking & Reporting: Maintain an up-to-date vulnerability registry, track remediation progress, and generate monthly reports on status, trends, and risk mitigation efforts for senior management.
- ConMon Process Management: Oversee the ConMon process end-to-end, ensuring its efficiency and effectiveness while maintaining regulatory compliance.
- Documentation & Procedure Development: Responsible for accurate documentation of the ConMon processes, creating procedural guidelines, and establishing best practices within the team.
- FedRAMP Reporting: Serve as the key point of contact for all FedRAMP-related reporting, ensuring all necessary documentation is prepared accurately and in a timely manner.
- Experience & Expertise: Bring relevant experience working within a FedRAMP environment to this role.
Preferred Education
Bachelor's Degree
Required Technical And Professional Expertise
- Experience in cybersecurity, vulnerability management, and compliance roles with a strong focus on FedRAMP.
- Proficient understanding of NIST 800-53 and other relevant security standards.
- Proven track record in managing complex ConMon processes and vulnerability remediation efforts.
- Excellent written and verbal communication skills with the ability to articulate complex technical concepts effectively.
Preferred Technical And Professional Experience
- Detail-oriented with strong analytical, problem-solving, and organizational abilities.
- Knowledge of Agile methodologies is a plus.
- Familiarity with automation tools for vulnerability management and reporting processes.
Seniority Level
Mid-Senior Level
Employment Type
Full-time
Job Function
Management and Manufacturing
Industries
IT Services and IT Consulting