Introductionat ibm finance & operations, we are the backbone of ibm's transformation driving efficiency, transparency, and smart decision-making across the business. Our teams provide the insight and discipline that guide strategy, ensure financial strength, and enable ibm to invest in innovation and growth. Working in finance & operations means combining analytical skills with collaboration and curiosity. You'll partner with colleagues across functions and geographies, using data, technology, and process excellence to create solutions that improve performance and deliver measurable impact. Ibm offers continuous learning, career development, and a culture that values diverse perspectives. Join us and be part of a global team that keeps ibm moving forward, while building your own future in a dynamic and evolving environment.your role and responsibilitiesthe role involves understanding and executing independent information technology audits of ibm's third-party supplier environments and processes to obtain reasonable assurance of effective information technology risk management controls, standards, and practices. It requires expertise in information security best practices, the identification of key internal and operational controls risks, and knowledge of delivery ecosystems and management processes to deliver high-quality, risk-based audits. As a third party security and privacy auditor, you are required to apply the fundamentals of auditing, perform independent, end-to-end information technology risk-based audits, contribute to the production of audit reports that articulate risks clearly, and assist in the development of audit scopes and tests. A key skill is the ability to effectively communicate business impact analyses and remediation plans to key stakeholders. Candidate should also possess excellent project management and time management skills.the role demands a range of expertise in on-premises and cloud-computing environments, including network security, application security, data center security, governance, identity and access management, data security, artificial intelligence, business continuity and disaster recovery, and cryptography management. As an auditor, you should also demonstrate an understanding of application security risks, system risk management, secure development life cycles, and knowledge of software build of material analysis (sbom).candidates that do not currently possess at least one of the required external certifications, you will be required to obtain a certification after three years in your role as an internal auditor.required technical and professional expertisedeep knowledge of data security, data privacy, data handling, and data classification best practices.strong background in it security, third-party risk, fourth-party risk, nth party risk and internal and operational risk.knowledge and experience implementing the following standards and frameworks e.g. Cobit, itil, iso *, iso * (aims), soc 1/2, pci-dss.knowledge and experience implementing global privacy regulations, e.g. Gdpr, cpra, lgpd, hipaa.eu cybersecurity regulation i.e. Dora.ethical hacking experience.ability to apply the fundamentals of auditing.familiarity with ibm ai governance model.preferred technical and professional experiencecism, cisa, cia, cissp, cdpse, ctprp, aaia, ceh.at least one cloud foundational certification, e.g. Ibm cloud certified technical advocate, aws cloud practitioner, microsoft azure fundamentals, google cloud platform foundational certificate.generative ai, ai ethics, ai baseline governance.strong project management skills and experience working in an agile environment.ibm is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. Ibm is also committed to compliance with all fair employment practices regarding citizenship and immigration status.#j-*-ljbffr