20 days old

Client Security Policy Associate

Cyberjaya, Selangor 63000
  • Job Code
At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, lets talk.

Your Role and Responsibilities
The objective of the Security Policy Management process is to ensure that GTS develop, deploy, maintain, and retire a market competitive Security Policy to:
  • Manage current, future and evolving technology risks
  • Optimize the control environment to meet Client and IBM business objectives
  • Provide a minimum set of recommended security requirements to protect the infrastructure
  • Optimize the balance between risk exposure with cost of controls
  • Ensure clarity, consistency, reliability, and auditability of contractual security requirements and that they are accurately reflected in the Security Policy
  • Ensure that security requirements are communicated to all stakeholders and appropriate approvals or acknowledgements obtained.

Position Summary

Client Security Policy Specialist role also referred to Security Policy Analyst. The Specific responsibilities include:
  • Manage Security Policy and ensure that the latest documentation is used for policy documentation
  • Assist DPE / ISA with Security Policy maintenance
  • Manage the periodic updates to the existing Customer Security Document.
  • Ensure the latest Security Document template and Technical Specification templates are obtained for use in this process.
  • Work with the DPE / ISA to identify all departments and individuals who will be asked to contribute information to the Security document.
  • Drive quality & consistency through the Customer Security Document lifecycle. Ensure that the Technical Specifications are in line with the Base Security document and the contract.
  • Co-ordinate with the DPE / ISA on Client involvement as per the process.
  • Notify Delivery teams of the completed or updated version of the Customer Security Document
  • Store the completed document and associated artifacts in the authorized repository for Services Delivery use and future audit inspection.
  • Provide these individuals with advance notification of the project and milestone target dates; keep them informed as to progress; and any issues and concerns throughout the project.
    • This may include but not limited to editing, meeting/status notes, and constant monitoring of the progress of all individuals involved.
    • Keep the DPE / ISA updated on progress against milestone targets.
  • Drive the creation and interpretation of the results of all Security Policy tasks where applicable: Base Policy Document , Security Controls Baseline, Technical Specifications, Threat Identification, Security Policy Document Exceptions

Required Skills


Displays specialized technical skills and advanced knowledge related to incumbents department and function. Absorbs professional knowledge quickly and develops skills independently. Uses discretion and has a high degree of latitude to support the attainment of department functions/objectives. Acts as a focal point and provides subject expertise advice to other analysts. Understands and applies proficient knowledge of information technology and associated tools and methodology's of products, offerings and services within discipline.


Functions in an independent manner with limited direction from managers. Acts an independent professional to effectively negotiate with specified objectives. Develops, provides and articulates highly specialized written and verbal communications to customers, peers, and support personnel. Advises others on tools, processes and operational procedures. Regularly interacts with client team to resolve operational or technical problems and participates in planning to improve overall service. Articulates and compares alternative approaches to design and implementation of technical solutions.

Problem Solving:

Identifies project objective related problems and trends and uses independent judgment in recommending solution alternatives. Applies a defect prevention process including performing root cause analysis as part of the continuous improvement process. Challenges the validity of given procedures and processes with intent to enhance and improve systems at IBM and client. Uses discretion to investigate and solve first and second level problems in a small to medium project or segment of a larger project. Responsible for the definition of system, and/or program design and development of a phase or segment of a small to medium segment of a larger project.


Works on special projects with latitude in determining the tools and techniques to be used for completing work assignments. Assists with the improvement of technical procedures and/or business processes within area of technical specialty and offers professional advice in enhancing clients technical operation. Includes authority to waive or deviate from established procedures/policies without prior approval. Provides technical direction and coordination to multiple teams. Provides 3rd level support, leadership, design, and high level change and project management. Provides direction to less experienced employees to ensure guidelines, and service level agreements are met and where applicable to ensure audit readiness. May also act as a technical competency point for service delivery activities to these employees, vendor/contract or client personnel.

Impact on Business/Scope:

Accountable for individual, team, or department results and the impact of these results on service delivery measurements, both business and financial. Participates in overall departmental program planning. Understands departmental mission and vision, and applies this knowledge to activities on project, testing project, technical solution, or contract participation. Where applicable, accountable for audit compliance and implement and maintain the business recovery plans and procedures for major systems based on IBM and client requirements.

Required Professional and Technical Expertise
  • Very experienced understanding of all Competencies within the Service Delivery Organisation
  • Strong communication skills.
  • Proactive in identifying problem areas and driving resolution.
  • Ability to assist others in developing their understanding of security policies.
  • Ability to use office productivity tools to analyse large amounts of information.
  • Effective written, oral and group communication skills and an understanding of the strategies required to achieve outcomes within a large organisation.
  • Possesses strong project management skills and ability to plan and lead multiple programs.
  • Possess a high degree of analytical capability and creativity.

Preferred Professional and Technical Expertise
  • Writing communication skills to produce work instructions, programs and procedures
  • Have acquired a level of education/certification in a security discipline.

About Business Unit
At Global Technology Services (GTS), we help our clients envision the future by offering end-to-end IT and technology support services, supported by an unmatched global delivery network. It's a unique blend of bold new ideas and client-first thinking.If you can restlessly reinvent yourself and solve problems in new ways, work on both technology and business projects, and ask, "What else is possible?" GTS isthe place for you!

Your Life @ IBM
What matters to you when youre looking for your next career challenge?

Maybe you want to get involved in work that really changes the world? What about somewhere with incredible and diverse career and development opportunities where you can truly discover your passion? Are you looking for a culture of openness, collaboration and trust where everyone has a voice? What about all of these? If so, then IBM could be your next career challenge. Join us, not to do something better, but to attempt things you never thought possible.

Impact. Inclusion. Infinite Experiences. Do your best work ever.

About IBM
IBMs greatest invention is the IBMer. We believe that progress is made through progressive thinking, progressive leadership, progressive policy and progressive action. IBMers believe that the application of intelligence, reason and science can improve business, society and the human condition. Restlessly reinventing since 1911, we are the largest technology and consulting employer in the world, with more than 380,000 IBMers serving clients in 170 countries.

Location Statement
For additional information about location requirements, please discuss with the recruiter following submission of your application.

Being You @ IBM
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.



  • Computers Software and Hardware
Posted: 2019-08-05 Expires: 2019-09-04

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Client Security Policy Associate

Cyberjaya, Selangor 63000

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast