Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.
Your day at NTT DATA
The Director, Cybersecurity Technical Assurance and Access Management is a leadership role with the core responsibility for supporting the business by way of protecting its brand, warranting compliance to its internal, regulatory and contractual obligations.
This role is accountable for preparing, monitoring and assessing the operational effectiveness of controls for successful completion and maintenance of various compliance programs, including (but not limited to) ISO27001, SOC in line with the Information Security Management System (ISMS), ensuring that information security is effectively managed in all services and business functions within region/business area.
This leadership role is responsible for managing and leading a team of cybersecurity professionals, as well as fostering a collaborative and innovative team culture focused on operational excellence.
Key responsibilities:
Oversees the development, evaluation and implementation of governance, risk and compliance and processes to mitigate cybersecurity risk and ensure protection of company and allied assets and information.
Researches and interprets current and pending laws and regulations, industry standards and customer and vendor contracts to understand and communicate compliance requirements.
Consults with business and technical leadership to ensure that data, processes and technology are designed for data protection and compliance.
Oversees information security risk assessments and compliance audits; directs the development and operational effectiveness of IT security controls.
Monitors investigations and documentation of cybersecurity compliance issues and incidents.
Reviews information security risk findings and non-compliance with business leaders and proposes solutions to mitigate risks.
Selects, develops and manages a team to ensure the efficient operation of the function.
Contributes to the Group ISMS content development, maintenance and maturity.
Advises and reports to the Group CISO office on all ISMS processes and compliance status.
Reviews service level and business requirements to develop service methodologies and an information security policy, assessments and methodologies.
Develops, scopes and discusses security service audit schedules, reviews access authorisation to identify security weaknesses.
Documents improvement in service design and ensures that the required security plan is developed and reviewed.
To thrive in this role, you need to have:
Ability to work with senior management to establish strategic plans and translates business segment strategy into functional plans and guides execution.
Significant relevant knowledge of information security management and policies.
Significant understanding of security operational processes and controls.
Demonstrable understanding of complex inter-relationships in an overall system or process.
Ability to maintain up-to-date knowledge of security threats, countermeasures, security tools, and network technologies.
Significant relevant knowledge of technological advances within the information security arena.
Significant relevant solution and service knowledge.
Excellent interpersonal and consultative skills with the ability to map business needs to technology solutions.
Ability to discuss and report technology and information security risk with non-technology and executive business stakeholders.
Ability to display analytical thinking and a proactive approach.
Ability to develop, define and articulate ISM strategies.
Excellent strategic thinking and decision-making abilities.
Ability to plan and organize, with good project management skills.
Ability to work in a fast-paced environment, effectively balancing multiple activities.
Academic qualifications and certifications:
Bachelor’s degree or equivalent in Computer Science or Information Technology or related field.
Relevant Security certifications such as (but not limited to) CISSP, CISM, CISA, CRISC, CCSK and ISO27001 or equivalent IT Governance and Risk Management certification (preferred).
Required experience:
Significant years of experience in information security, cybersecurity, technology risk management in large multinational technology institutions environment.
Significant demonstrable experience leading and coaching a cybersecurity technical compliance or related team.
Significant understanding of global standards such as ISO 27001, NIST, CIS and GDPR.
Significant experience with auditing, security compliance and risk management.
Significant knowledge of effective access controls, authentication, password management, DNS, public key infrastructure, Windows servers, network mapping, and network protocols.
Significant technical acumen including (but not limited to) IT infrastructure, AWS cloud, application development languages, tools and frameworks, database technologies, web technologies, network architecture, enterprise architecture and directory services.
Significant security technology acumen and experience including (but not limited to) firewall, intrusion detection, cyberattack tools and defenses, encryption, certificate authority, web filtering, anti-malware, anti-phishing, identify and access management, multi factor authentication.
Significant experiences as a system administrator or network administrator.
Significant previous experience with cross-functional problem solving and driving change through to successful implementation.
Significant experience with prioritizing and management of high-level initiatives and projects Demonstrated ability to influence and lead both with and without authority; leading innovation and change; and excellent problem solving and decision-making skills.
Significant experience using Microsoft application suite (Power Apps, Business Intelligence, Outlook, Word, Excel, Access, PowerPoint, SharePoint) or similar software.
Workplace type:
Hybrid WorkingAbout NTT DATA
NTT DATA is a $30+ billion business and technology services leader, serving 75% of the Fortune Global 100. We are committed to accelerating client success and positively impacting society through responsible innovation. We are one of the world’s leading AI and digital infrastructure providers, with unmatched capabilities in enterprise-scale AI, cloud, security, connectivity, data centers and application services. Our consulting and industry solutions help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have experts in more than 50 countries. We also offer clients access to a robust ecosystem of innovation centers as well as established and start-up partners. NTT DATA is part of NTT Group, which invests over $3 billion each year in R&D.
Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
Third parties fraudulently posing as NTT DATA recruiters
NTT DATA recruiters will never ask job seekers or candidates for payment or banking information during the recruitment process, for any reason. Please remain vigilant of third parties who may attempt to impersonate NTT DATA recruiters—whether in writing or by phone—in order to deceptively obtain personal data or money from you. All email communications from an NTT DATA recruiter will come from an @nttdata.com email address. If you suspect any fraudulent activity, please contact us.