Cloud Security Lead - On Prem-Gen2 OSM SEC-OPM-TSI

The Role

Are you passionate about cloudsecurity and looking for an exciting role where you can make a difference If so, we have an opportunity for you! As a Security Specialist at Kyndryl, you will play a crucial role in enabling and securing our customer organizations, cultures, and ecosystems.

Your responsibilities will be varied and dynamic, spanning asset classification models, risk assessment reports, information security policies, security solution scenarios, implementation plans, organization models, procedures, security services, security effectiveness evaluation reports, and security awareness workshops. You will be tasked with configuring, monitoring, and managing the performance of networks to maintain the quality of services, while also protecting organizational infrastructure from malicious cyber-attacks.

As a key member of our team, you will assess, predict, prevent, and manage the risk of IT infrastructure and data, helping our customers stay ahead of the curve and ensure their systems are secure. You will develop and implement security policies and procedures, working closely with other departments to ensure that all security measures are in place and operating effectively.

But that is not all at Kyndryl you will have the opportunity to explore innovation in CloudSecurity data science taking information that has been gathered and looking for areas to have that Ah Ha moment. Drawing conclusions and patterns from the data across single and multiple clients. Creating new ideas in the area of risk management and risk quantification. Conduct risk assessments and security evaluations of private cloud control plane services (API Services) & and On-Prem application/infrastructure

In addition to your technical responsibilities, you will also play a key role in raising awareness of potential security threats through technical security training on best practices. Identify and assess threats, vulnerabilities, risks and potential attack vectors and prioritize the mitigation. Assess and manage IT risk treatment in all new projects or infrastructure within its scope (integration of security into projects, secure by design processes). This is an exciting opportunity to help shape the culture of our clients organizations and make a tangible impact on their security posture.

If you have a passion for cybersecurity governance, risk and compliance, are looking for a challenging and dynamic role, and want to work with a team of like-minded individuals, then we want to hear from you! Join us as a Security Specialist and help us secure the future of our clients organizations.

Your Future at Kyndryl

Every position at Kyndryl offers a way forward to grow your career. We have opportunities that you won't find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here

Who You Are

You're good at what you do and possess the required experience to prove it. However, equally as important you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused someone who prioritizes customer success in their work. And finally, you're open and borderless naturally inclusive in how you work with others.

Required Technical and Professional Expertise

• Overall 9 - 10 Years of experience
• 8+ years of experience in application risk assessment, operational security and risk management or related fields
• Strong understanding of infrastructure & application security architecture, compliance frameworks, and risk management principles
• Experience with infrastructure & application security assessments, risk assessments, and security controls implementation
• Excellent analytical, problem-solving, and communication skills
• Assess compliance with industry standards and regulatory requirements (e.g., NIST, SOC 2, PCI-DSS, OWASP).
• Develop and maintain risk management frameworks, playbooks, and reporting dashboards.
• Enforce Group policies / standards and/or procedures / good security practices within its department.
• Develop and implement risk mitigation strategies and security controls.
• Communicate the status of security audits (internal audit / regulators) as well as the plans for dealing with recommendations. Communicate on its activities (definition of relevant KPIs/KRIs) and on security alert points.

Preferred Technical and Professional Experience

• Familiarity with security framework, tools, and technologies (e.g., OSWAP, CSPM, CWPP, CIEM, DAST/SAST)
• Certifications in risk management, or related fields (e.g., CRISC,CCSP, CISSP)