**Introduction** IBM is looking for a Senior Program Operations Lead, with extensive experience leading risk assessments, continuous monitoring, developing remediations initiations to include technical, operational, and administrative solutions. This role will require extensive experience with government and industry regulations and best standards both within and outside of the US. The primary objective of this role is to manage the assessment, remediation, and continuous evaluation of the risk and vulnerabilities of IBM’s applications across several geographies. **Your role and responsibilities** · Exposure to, and understanding of security requirements for an enterprise product, particularly in the context of mainframe software development. · Strong understanding of operating system concepts and computer virtualization, showcasing proficiency in the foundational aspects of software development. · Maintain leading edge awareness of government and industry security and privacy regulations within and outside the US. This includes but is not limited to SOC2, HIPAA, DORA, FedRAMP, CMMC, NIST CSF, NIST 800-53, NIST 800-37, GDPR, NYDFS, and IRAP. · Manage aspects of Security Compliance programs, including creating and updating security design documents, runbooks, and managing related program initiatives. · Provide support to the compliance audit and assessment efforts to include external third-party auditors with evidence collection and upload, auditor interview support, and auditor walk-throughs of policies, procedures, and related compliance and security documentation. · Assist in advisory services, third parties and coordinate annual assessments. · Work with the Engineering team to execute on continuous monitoring, including tracking and updating IBM's Plan of Action and Milestones and ensuring timely reporting to our Agency partners. · Coordination and delivery of architectural enhancements and shared service modeling · Assist compliance team on other ad hoc important tasks when required. **Required technical and professional expertise** · Demonstrated experience either in building, executing, planning, tracking, or auditing technical programs. · Highly proficient with NIST Publications, DORA, PCI, SOC, GDPR, IRAP and most industry security and privacy standards. · You are a strong, capable program manager who has successfully planned, led, and completed complex projects with multiple stakeholders and dependencies. · Knowledge of public cloud platforms and related security topics · Strong technical skills but equally comfortable interacting with senior business leaders · Excellent interpersonal and communication skills, fostering collaboration across diverse teams and geographies · FAIR, CRISC, CISSP, SANS GSEC or equivalent certifications **Preferred technical and professional experience** · Exceptional ability to present ideas, strategies, and technical concepts effectively to senior leadership and non-technical audiences. · Strong ownership mindset, capable of going beyond the assigned tasks to identify and implement innovative solutions. · Demonstrated curiosity and a proactive approach to learning how other teams operate and aligning their goals with the organization’s mission. · A bold thinker with a growth mindset, unafraid to challenge the status quo and drive meaningful change.