Security and Compliance Specialist

Required:
• Experience in Distributed Operating Systems (Linux, Windows, AIX)
• Experience with IBM BigFix solution
• Ability to comprehend and respond to process changes, exhibit adherence and make judgmental decisions
• Ability to communicate effectively with audiences of varying technical aptitudes
• Ability to structure, draft and review technical documentation
• Ability to work under pressure and remain decisive.
• Should be able to mentor junior member of the team.
• Should act as a role model
• Ability to conceptualize problems
• Willingness to learn new things and technologies
• Flexible if workflow is changing
• Fluent English (spoken and written)
• Communicative competence (pro-active)
• Team player
• A very positive attitude towards life
• Highly motivated
Nice to have:
• ITIL Certified (foundation or/and practitioner) or a strong working knowledge of ITIL Incident, Problem and Change Management disciplines
• Experience in performing Middleware migrations
• Security Related Certification or experience in implementing security standards

The role aims to cover activities tailored to IBM best practices & Security Standards in various projects and their adherence to said items.
• Use the IBM specific compliance platform where requested
• Use bigFix platform to handle compliance based on requirements
• Maintain specific sites for healthchecks
• Configure BigFix instance to generate compliance data to SCA
• Monitor and Manage compliance data in SCA
• Develop fixlets / other slutions in BigFix to perform different compliance controls
• Help migrate compliance reports from Powershall scripts into native BigFix solutions
• Develop solution for manual software distribution
• Develop on demand support in bigfix for needed compliance requirements.
• Develop reporting capabilities in BigFix Instance/WebReports
• Deliver documentation and support to IBM team on compliance topic (Create general awareness documentation; Create and maintain BAU procedures regarding accessing infrastructure in compliance with security requirements; Where needed, document security requirements in other internal documents)
• Support the IBM Standard processes for patches using IBM toolset
• Control the advisories raised for accounts in scope
• Interact with proper teams to determine applicability of APARs
• Maintain the asset base for APAR management
• Provide solutions for process enhancements using BigFix platform and other means
• Create fixlets/relevance code or other solutions to support requirements or enhancements
• Propose ways to implement different scenarios required by operational context
• Configure and fine-tune bigfix instance in order to provide optimum service
• For accounts in scope, prepare patch sites
• Configure BigFix console for patch deployment
• Configure roles to accommodate role based access control and separation of duties
• Maintain the patch repository of BigFix instance and patch baselines
• Update patch repository
• Interact with component specific SME in order to help planning a patching session and feasibility / risks to apply identified patches
• Help with patch deployment, as planned
• Document improvements
• Where needed, Track multiple vulnerability sources and provide specialized advice.