"Alerted.org

Introduction

A career in IBM Software means you’ll be part of a team that transforms our customer’s challenges into solutions.

Seeking new possibilities and always staying curious, we are a team dedicated to creating the world’s leading AI-powered, cloud-native software solutions for our customers. Our renowned legacy creates endless global opportunities for our IBMers, so the door is always open for those who want to grow their career.

IBM’s product and technology landscape includes Research, Software, and Infrastructure. Entering this domain positions you at the heart of IBM, where growth and innovation thrive.

Your role and responsibilities

IBM's FedRAMP Technical Services Department is looking for a skilled and experienced FedRAMP Technical Services Specialist to join our team. Reporting directly to the FedRAMP Program Director, this individual will play a pivotal role in overseeing technical change management processes across multiple FedRAMP-authorized services and boundaries.

In this role you will ensure that all changes are rigorously assessed for risk, align with NIST 800-53 security controls, and maintain the highest standards of compliance within IBM's FedRAMP environment. You will be responsible for the management of significant change processes and will serve as the organization's Subject Matter Expert (SME) for significant change process management.

Responsibilities:

* Risk Assessment for Proposed Changes: Conduct comprehensive evaluations of proposed technical changes to identify potential risks associated with FedRAMP-compliant environments, ensuring alignment with NIST 800-53 security controls and FedRAMP's stringent requirements.

* Impact Analysis on NIST 800-53 Controls: Identify and analyze how proposed technical changes might affect relevant NIST 800-53 security controls, maintaining a thorough understanding of the interdependencies within IBM's FedRAMP systems.

* Change Authorization Board (CAB) Participation: Actively engage in CAB meetings, providing insights on the technical feasibility and risk implications of proposed changes to facilitate informed decision-making processes regarding change approvals.

* Cross-Functional Collaboration: Work closely with various cross-functional teams, including IT, security, development, operations, and vulnerability management, to ensure seamless integration of technical changes while adhering to FedRAMP standards.

* Vulnerability Management Collaboration: Partner with the vulnerability management team to identify high-risk elements within IBM's systems, offering technical review for vulnerability remediation strategies that align with FedRAMP requirements around vendor dependencies and risk adjustment validation and verification.

* Documentation & Reporting: Maintain detailed records of change assessments, associated risks, and mitigation strategies, generating regular reports for internal audits, management oversight, and stakeholder communication purposes.

* Subject Matter Expertise for Significant Change Process: Serve as the organization's Subject Matter Expert (SME) for significant change process management, ensuring adherence to relevant FedRAMP controls and internal policies.

* Stakeholder Communication: Effectively communicate complex technical changes, their inherent risks, and implemented risk mitigations to diverse audiences, including senior leadership, project teams, and external authorities where necessary, ensuring transparency and compliance understanding.

* Continuous Improvement & Compliance Monitoring: Stay abreast of evolving FedRAMP requirements and industry best practices, driving continuous improvement in change management processes while upholding rigorous compliance standards across multiple services and FedRAMP boundaries.

* Mentoring & Training: Provide guidance and training to junior staff members on effective technical change management practices within a FedRAMP context, fostering a culture of robust security and operational excellence.

Required technical and professional expertise

* Strong knowledge of FedRAMP, NIST 800-53, and other relevant federal security standards.

* 5+ years of experience in an IT/cybersecurity environment with a focus on FedRAMP/NIST800-53.

* 4+ years of proven experience in IT or cybersecurity, implementing technical changes within a regulated environment.

* Strong understanding of risk assessment methodologies and techniques.

* Ability to maintain confidentiality and handle sensitive information with discretion

* Self-motivated, detail-oriented, and able to work independently or collaboratively in a fast-paced environment.

Preferred technical and professional experience

* Familiarity with Agile/Scrum methodologies.

* Relevant AWS certifications (AWS Solutions Architect, AWS Security Specialty, AWS Advanced Networking).

* Relevant cybersecurity certifications (CC, CISSP,CCSP, CEH).

IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.