**Introduction** We are seeking a detail-oriented and analytical Security Compliance and Data Analyst to join our team. In this role, you will be responsible for ensuring that organizational data and systems adhere to security policies, regulatory standards, and best practices while providing insightful data analysis to support compliance and risk management efforts including internal readiness/assessments and external audits for IBM IaaS and Virtual Private Cloud. You will work across our global teams and diverse stakeholders- security focals, executive program and delivery managers, regulatory and compliance certifications experts, product management, IT, and business teams to monitor, drive plans and deliver key security compliance metrics, analyze audit data, identify gaps, and contribute to the continuous improvement of IBM cloud security and compliance posture. Additionally, you will leverage your analytical skills to create dashboards, generate compliance reports, and support internal and external audits through data-driven insights. The ideal candidate will be familiar with key regulatory and compliance frameworks, such as SOC2, PCI DSS, NIST standards, ISO 27K series, ISO 20000, GDPR, HITRUST, FEDRAMP or ITAR, and solid technical skills in data analysis, reporting, and produce data/reports for business operations that support the management for security compliance business decision making. **Your role and responsibilities** * Generate compliance reports from an existing dashboard or build requirements to create a new reporting dashboard * Proactively Monitor, track, and report on security compliance status across systems and processes. * Analyze large datasets to identify trends, anomalies, and compliance risks. * Support security audits, assessments, and certification efforts through data collection and analysis. * Possess strong communication skill, collaborate with cross-functional matrix teams to drive root cause analysis, corrective actions and improvements based on data insights. * Maintain and enhance compliance reporting dashboards and metrics for leadership visibility and decision making. **Required technical and professional expertise** * Experience working with security architects and technical security teams to define and implement security processes and procedures based on industry-standard best practices and compliance requirements. Defining the requirements and validating the procedures and audit testing methodology * Working with the Development teams to ensure automation of evidence collection and evidence management is always in line with compliance expectations, otherwise, identifies specific actions and owners to meet the expectations. * Assisting team members in addressing highly complex security issues applicable to enterprise environment * Ability to utilize project management principles to properly scope compliance work efforts by service lines, identify common areas of work, and create a measurable milestone plans across service lines to enable completion of compliance work items on time. * Ability to manage multiple priority projects simultaneously under a short timeline * Experience/familiar with enterprise risk management (ERM) framework, service delivery operations, software development lifecycle and be able to understand when to request and integrate risk items into compliance reporting. * Experience with compliance programs such as FedRAMP/ FISMA, HIPAA, GDPR, SOC 2, PCI, NIST, ISO, ITAR, etc. * Conducting regular reviews on compliance progression of systems and hosting internal audit/assessment as required to maintain compliance certifications. * Ability to translate and interpret regulatory compliance requirements into technical controls * Ability to understand cloud enterprise business computing operations/requirements, and effectively communicate to service lines what is expected in order to consider a work item complete. Also, will possess good understanding of networking security including security systems such as firewalls, intrusion detection, vulnerability scanning, OS patching, health-checking * Diagnosing the root cause of problems and propose solutions: Examples would be failed patches, tooling issues, false positives on system tests, authentication problems. Drive and track audit, security and compliance finding remediation to closure. * Experience with enterprise configuration Management database (CMDB) or IT Asset inventory Management. Understand CMDB's structure, data quality, relationships between CIs (Configuration Items), and updates. Use the CMDB for risk, audit, and compliance analysis and reporting * Proficiency in SQL, Excel (advanced level: pivot tables, macros), and ServiceNow— data analytics and visualization functionalities * Ability to process large datasets, identify and handle missing data, data transformation, normalization, and data quality checks. * Ability to perform data analysis to discover patterns and trends to mitigate security risks and drive business results * Work with stakeholders to define key metrics and KPIs; develop dashboards and reports for business users. * Collaborate with database engineers, data owners, security focal, product managers, and broader metrics teams to understand data needs. * Results oriented with intense focus on achieving both short and long term goals. He/she should be able to drive and execute an agenda in a fast paced, dynamic environment. * Strong project management skills with ability to design visual and appealing presentations * Strong collaboration, problem-solving and critical-thinking abilities. * Excellent communication skills — ability to explain technical findings to non-technical audiences. * Good time management, organizational skills, and ability to prioritize tasks. * Curiosity and a continuous learning mindset. * A highly organized with strong attention to detail, analytical and project management skills * Work independently within a team focused organization. * **Preferred technical and professional experience** * Experience or familiar with cloud service models; IaaS preferred. * Project management and consulting experience is a plus * Experience with process automation is a plus * Experience with Linux Shell, Perl or Python is a plus IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.