What are the responsibilities and job description for the Compliance Engineer position at IBM?
A career in IBM Software means you’ll be part of a team that transforms our customers’ challenges into solutions. Seeking new possibilities and always staying curious, we are a team dedicated to creating the world’s leading AI-powered, cloud-native software solutions for our customers. Our renowned legacy creates endless global opportunities for our IBMers, so the door is always open for those who want to grow their career.
IBM’s product and technology landscape includes Research, Software, and Infrastructure. Entering this domain positions you at the heart of IBM, where growth and innovation thrive.
IBM is seeking a Compliance Engineer to join our dynamic Compliance Team. This role is responsible for ensuring IBM’s software products meet the highest industry and regulatory standards, with a focus on aligning business and technical goals with compliance requirements. As a Compliance Engineer, you will leverage your technical acumen to analyze compliance frameworks, provide innovative solutions, and collaborate across teams to enhance operational excellence.
This role requires 2–4 years of experience, offering opportunities for growth in compliance leadership, technical problem-solving, and regulatory expertise. The ideal candidate should have a strong technical understanding to evaluate compliance impacts, foster cross-functional alignment, and ensure audit readiness.
· Possess deep knowledge of security auditing and compliance tools such as vulnerability scanners (Nessus), SIEM, EDRs, etc.
· Have foundational knowledge of Cloud Security in AWS, IBM Cloud, or similar hyperscalers.
· Assist in security audits conducted by third parties and possess a working knowledge of compliance frameworks like NIST 800-53, ISO27001, PCI-DSS, SOC2, etc.
· Help design and implement security controls into DevOps pipelines to enhance security practices.
· Utilize scripting technologies like Python, Bash, and Ansible to automate deployment, configuration, and various compliance activities.