Introduction
A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You'll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you'll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You'll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences.
Your Role And Responsibilities
The Cyber Strategy & Risk Consultant is responsible for leading enterprise cybersecurity strategy, governance, risk, and compliance (GRC) initiatives across complex client environments.
The role requires strong advisory capability, regulatory understanding, risk management expertise, and the ability to drive executive-level cybersecurity transformation programs.
The incumbent operates as a subject matter expert (SME) and engagement lead for large or strategic accounts.
Preferred Education
Bachelor's Degree
Required Technical And Professional Expertise
- Cyber Strategy & Advisory
  - Develop enterprise cybersecurity strategies aligned to business objectives.
  - Define multi-year security roadmaps and maturity uplift programs.
  - Conduct current state assessments and target operating model (TOM) design.
  - Provide board-level advisory on cyber risk posture.
- Governance, Risk & Compliance (GRC)
  - Establish and operationalize enterprise security governance frameworks.
  - Lead risk assessments, enterprise risk registers, and risk quantification exercises.
  - Design and implement policies, standards, and control frameworks.
  - Ensure compliance with global standards (ISO 27001, NIST CSF, COBIT, PCI-DSS, etc.).
  - Support regulatory audits and third-party assurance programs.
- Risk Management & Control Assurance
  - Conduct enterprise-wide cyber risk assessments.
  - Perform gap assessments and control effectiveness reviews.
  - Define risk mitigation strategies and remediation roadmaps.
  - Oversee internal and external audit remediation programs.
- Client & Stakeholder Management
  - Act as primary client interface for strategic cybersecurity programs.
  - Present findings to CISO, CIO, CRO, and executive committees.
  - Manage multi-stream engagements and cross-functional coordination.
- Practice & Business Contribution
  - Support proposal development and solution architecture for GRC opportunities.
  - Develop thought leadership assets and reusable frameworks.
  - Contribute to capability development and knowledge management.
Preferred Technical And Professional Experience
- 8-12+ years of experience in Cyber Strategy, GRC, or Risk Consulting.
- Experience in consulting or large enterprise environments.
- Bachelor's degree in Engineering / Technology / Risk / Finance.
- Preferred Certifications:
  - CISM
  - CRISC
  - ISO 27001 Lead Auditor / Lead Implementer
  - SOX