Introduction A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You’ll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you’ll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You’ll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long‑term career development while valuing your unique skills and experiences. Your Role and Responsibilities Lead and manage information security and cybersecurity compliance programs across the organization. Plan and execute internal and external audits, ensuring ongoing compliance with applicable standards and regulations. Design, implement, and maintain security frameworks and control environments, such as ISO 27001, SOx, and other relevant standards. Develop, review, and oversee information security policies, procedures, and controls, ensuring alignment with regulatory requirements and industry best practices. Coordinate risk assessments, monitor remediation plans, and ensure timely mitigation of identified compliance gaps. Monitor changes in regulations, laws, and standards related to information security, privacy, and data protection at national and international levels. Act as a key liaison between technical, legal, audit, and business teams, facilitating effective collaboration and alignment. Clearly communicate compliance status, risks, and recommendations to executive leadership and key stakeholders. Required Technical and Professional Expertise 5+ years of experience in Information Security and Cybersecurity Audit roles. Strong expertise in auditing IT General Controls (ITGC), including access management, change management, and IT operations to ensure the integrity of financial reporting. Proven experience conducting internal and external audits; experience in the implementation and maintenance of Information Security Management Systems (ISMS) is desirable. Strong knowledge of information security frameworks and standards, including ISO 27001 and SOx. Solid understanding of laws, regulations, and compliance requirements related to information security, privacy, and data protection at both local and international levels. Experience in designing, updating, and overseeing security policies, procedures, and controls. Ability to manage risk assessments, remediation plans, and mitigation of compliance gaps. Strong attention to detail, high level of accountability, and a proactive mindset focused on risk prevention and governance. Preferred Technical and Professional Experience Professional certifications such as CISM, CISA, CRISC, or ISO 27001 Lead Implementer / Lead Auditor, or other related security and compliance certifications. Experience working in highly regulated industries (e.g., financial services) or in a senior role within a consulting firm. Knowledge of information security and cybersecurity regulatory frameworks applicable in Peru. #J-18808-Ljbffr