Job Description
You'll be joining the 6th largest IT Service Provider, present in more than 50 countries. From our roots in Japan, NTT DATA's mission is to facilitate business change and technology transformation across many industries for a better future for our business, people and community. Some of the projects we have supported include the digitising of The Open golf tournament and applying Formula 1 technology to support medical staff at University Hospitals Leicester.
Everything we do is underpinned by our core values of 'Clients First', 'Teamwork' and 'Foresight' and we achieve these by putting people first.
We support and celebrate our differences and preferences, these are what makes us unique. Some of our initiatives, collectively known as "DO Diversity", aim to create a space for us to learn and get involved in building a truly diverse environment. Our Culture & Ethnicity Network gives our colleagues a platform to share their various backgrounds; Our NINGEN programme allows the new generation of NTT DATA employees around the world to connect and shape the future of our organisation and the "City Gives Back" allows us to support our local community that has been affected by the COVID-19 pandemic...and much more!
Working with client's Group Cyber Hub, provide assurance service for compliance with the security policies and processes for the key suppliers. Promote security best practice across the service operations. Provide oversight on security remediation plans. Act as a collaboration point for all the other suppliers to reduce incidents and events relating to security through the Continual Service Improvement process and Value Stream management
Job Duties
- Deliver GRC Consulting Services to NTT DATA clients
- Execute risk analysis and management engagements
- Participate in pre-sales tasks and perform ongoing support of delivery collateral.
- Execute technical management tasks in respect to ongoing client projects.
- Maintain a subject matter expert level of expertise regarding industry leading security frameworks.
- Experience presenting to executive leadership teams including at the Board of Director level.
- Hands on technical background with infrastructure technologies and operating systems.
- Technical writing experience including architectural designs as well as data flow and network connectivity diagrams.
- Experience with the execution of Mergers & Acquisition due diligence from an information security perspective
- Familiarity with SOX (Sarbanes Oxley), MCSS (Minimum Cyber Security Standard) & Safe Harbor requirements
- Working closely with NTT DATA UK and Partners
o NTT Security UK DM SOC & TD SOC (onshore)
o NTT DATA Romania SOCs (near shore)
o NTT DATA Bangalore Indian remote based staff (far shore)
Characteristics
- Strong teamwork skills and attention to detail
- Excellent written and verbal communication skills
- Proficiency in leading both physical and virtual teams
- Versatility - able to quickly adapt to new technologies and client environments
- Strong interpersonal and customer relationship skills
- Strong public-speaking skills
- Ability to work under pressure and to very short timelines
- Ability to work independently as needed yet always thinking as part of a team
- Experience in dealing with 3rd-party provided services
- Operational ability in diverse, large-scale environment
Skills
- Participation in implementation of roles and authorisations - design as well as redesign
- Solid understanding of the concepts around segregation of duties, critical access, sensitive access and the governance around it
- Ability to work independently and take initiative, but at the same time know when to reach out for assistance from your colleagues
- You thrive being a consultant and face many different clients and likewise different solutions
- An understanding of industry leading frameworks such as NIST CSF, NIST 800-53, ISO 270012 & COBIT
Certification & Training
- Minimum of 5 years' experience of working in a multi-tiered IT enterprise environments
- Minimum of 3 years' experience in a Governance, Risk and Compliance role
- Experience with security standards such as ISO 27001, 27002, 27018, 29100 etc...
- Experience with Cloud platforms (AWS and/or Microsoft Azure
- Experience with Vulnerability Scanning and Penetration Testing
- An understanding of MITRE ATT&CK (Adversarial Tactics Techniques & Common Knowledge)
- An understanding of ITIL (IT Infrastructure Library)
- ITIL v3 or 4 Foundation or Intermediate (preferred) certification
- Excellent knowledge of Microsoft Office products, especially Excel and Word