Program Manager, CIO Vulnerability Management - NYC

New York, New York, US

Full Time
IBM logo
Apply now Apply later

Posted 1 month ago

At IBM, our Project Managers excel by leading and coordinating a project team’s overall performance, scope, cost, and deliverables. Our clients rely on timely and efficient status reports, and as Project Manager, you will drive the charge with project direction, metric definition, and performance management. If you are ready to help our clients and project teams succeed, we would love to meet you!

Your Role and Responsibilities

This role is located in the IBM office in New York City. We will also consider qualified candidates to work in the Southbury, CT, office. There is no remote work option (post covid). We are co-located in New York City and Southbury, but maintain a responsible consideration of health and safety practices - which includes ongoing support for an in-office/remote office balance during these unusual times.

There are no relocation funds for this role so you would need to relocate at your own expense.

*** IBM will not be providing visa sponsorship for this position now or in the future. Therefore, in order to be considered for this position, you must have the ability to work without a need for current or future visa sponsorship.

IBM CIO is seeking an experienced program manager for the CIO Vulnerability Management program.
This role requires a self-motivated, life-long learner who is well versed in Cybersecurity. You will need possess a strong knowledge and experience with enterprise vulnerability management, program management, Agile methodologies, and key business controls. You will lead the CIO Vulnerability Management team as well as actively contribute in performance of the day-to-day team responsibilities.


  • You will lead the program management activities related to the Vulnerability Management program, including financial planning, execution, analysis and reporting of cyber risks and vulnerabilities
  • You will manage cost, schedule and performance -including implementation of project change management and control
  • You will establish project Objectives & Key Results, (OKRs), that ensure successful follow through and remediation of identified risks
  • You will ensure that the project is maintained within the scope, budget and schedule of the baseline agreement
  • You will work with IBM business units to effectively communicate the risks of identified vulnerabilities and make recommendations regarding the selection of cost-effective security controls to mitigate identified risks
  • You will prepare detailed cyber security vulnerability metrics and reports for all Business Units and executive leadership
  • You will be the primary technical interface to IBM business units and stakeholders on vulnerability management
  • You will participate in all status updates and act as the delivery authority for the program


Required Technical and Professional Expertise
  • 2+ years leading and managing a team of engineers and security professionals in the execution of project work
  • Understanding of threat actors with the ability to articulate how they operate and demonstrate how they subvert common security controls
  • Knowledge of application exploits and vulnerabilities
  • Candidates must be familiar with CVEs, CVSS, and MITRE as well as other industry specific vulnerability classification standards, and best-practices
  • Experience with security frameworks such as NIST Cybersecurity Framework, Center for Internet Security (CIS) controls, Cybersecurity Maturity Model Certification (CMMC)
  • Demonstrated interpersonal effectiveness and emotionally intelligent communication skills to communicate, persuade, influence, and handle challenging conversations effectively at an executive level

Preferred Technical and Professional Expertise
  • 4+ years professional experience in IT and/or Cybersecurity, preferably with an Enterprise Vulnerability Management Team
  • Superior Knowledge of vulnerability management processes and tools to include scanning patching, hardening, configuration, and risk management
  • Advanced Knowledge of CVSS vulnerability metrics
  • A professional IT Security certification (e.g. CISSP, CISM, CISA, OSCP)

About Business Unit
The Office of the Chief Information Officer (CIO) owns IBM’s IT strategy and provides the tools, workstations, devices, and infrastructure that IBMers use to do their jobs every day. Put simply, our mission is to create a productive environment for IBM's 365,000 worldwide employees. Join us as we lead with design to drive simplicity and ease of use, engineering the systems that run the business, and innovating to transform the business.

Your Life @ IBM
What matters to you when you’re looking for your next career challenge?

Maybe you want to get involved in work that really changes the world? What about somewhere with incredible and diverse career and development opportunities – where you can truly discover your passion? Are you looking for a culture of openness, collaboration and trust – where everyone has a voice? What about all of these? If so, then IBM could be your next career challenge. Join us, not to do something better, but to attempt things you never thought possible.

Impact. Inclusion. Infinite Experiences. Do your best work ever.

About IBM
IBM’s greatest invention is the IBMer. We believe that progress is made through progressive thinking, progressive leadership, progressive policy and progressive action. IBMers believe that the application of intelligence, reason and science can improve business, society and the human condition. Restlessly reinventing since 1911, we are the largest technology and consulting employer in the world, with more than 380,000 IBMers serving clients in 170 countries.

Location Statement
IBM will not be providing visa sponsorship for this position now or in the future.  Therefore, in order to be considered for this position, you must have the ability to work without a need for current or future visa sponsorship.

IBM intends this job to be performed entirely outside of Colorado.

Being You @ IBM
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

Job tags: CISA CISM CISSP NIST OSCP Strategy Vulnerabilities Vulnerability management
Job region(s): North America
Job metrics:  4  0  0
Share this job: