NTT is a leading global IT solutions and services organisation that brings together people, data and things to create a better and more sustainable future. In today\xe2\x80\x99s \xe2\x80\x98iNTTerconnected\xe2\x80\x99 world, connections matter more now than ever. By bringing together talented people, world-class technology partners and emerging innovators, we help our clients solve some of the world\xe2\x80\x99s most significant technological, business and societal challenges. With people at the heart of our success, NTT is committed to attracting and growing the best talent and providing an environment where everyone feels they can belong and their contribution matters.
Want to be a part of our team? Develops and evaluates compliance with programs and processes to mitigate cybersecurity risk and ensure protection of company and allied assets and information. Researches and interprets current and pending governmental laws and regulations, industry standards and customer and vendor contracts to communicate compliance requirements. Conducts information security risk assessments, security compliance audits and cybersecurity audits. Establishes IT security audit procedures relevant to SOC, ISO27001, ISO22301, ISO27017, ISO27018, PCI DSS and international data privacy laws. Evaluates and tests the design and operating effectiveness of IT security controls. Maintains compliance of internal IT security controls by meeting internal and external information security requirements. Documents, investigates and reports cybersecurity compliance issues and incidents. Works with business leaders to ensure information security risk findings are reviewed and solutions are implemented Working at NTT In alignment with the Group Chief Security Officer the Information Security Governance, Risk & Compliance Analyst will support the orchestration of information security governance, risk and compliance activities for Group and subsidiaries. Key Roles and Responsibilities:

• This role supports the business and protects NTT\xe2\x80\x99 reputation by taking responsibility for overall Information Security Management and aligns IT security with business security, ensuring that information security is effectively managed in all service and business activities within NTT Ltd.
• The Risk Analyst\xe2\x80\x99s primary role is ensure NTT Ltd Group and Subsidiaries establish and maintain information security program. Implement process and controls to monitor group and subsidiary compliance practices to avoid breaching laws, regulations, policies, contractual and other security obligations and work to achieve compliance or in instances where non-compliant, ensure these are well understood with the risks managed in accordance with group risk management policies.
• They will support and coordinate technical staff so that an integrated security strategy is embedded to achieve the certifications and compliance obligations of the group.
• They are technology and compliance specialist and will provide senior mentorship, thought leadership and technical guidance to NTT Ltd Group and Subsidiaries stakeholders & country security solution architects, specialists and business development Analysts. They will augment enterprise account planning initiatives, technical pre-sales and bid management opportunities.

Identify risk and non-compliance:

• Risk & Compliance Specialists take responsibility for the identification of potential risks, incidents and problems before they occur.
• Identify, classify and record problems for all recurring issues and incidents to determine their root cause. These individuals also assist with ensuring that reported incidents and problems are solved and proactively review these to ensure the development of remedial action. They support, review and investigate allegations as assigned by the country, regional and group team. They advise internal management on the implementation or operation of compliance programs and any compliance issues. This employee will monitor or assess compliance systems to ensure their effectiveness and/or recommend appropriate compliance systems. They work with the relevant agencies or government organizations to supply information relating to compliance and ensure that any breaches are identified and dealt with, including advising the relevant stakeholders of such breaches.

Manage risk and compliance

• The Risk & Compliance Specialist is responsible for risk and incident management in accordance with relevant legislation and ensures that the relevant stakeholders are advised of such incidents. To ensure the proactive management of risk, they update and maintain a \xe2\x80\x9cknown breach / error database\xe2\x80\x9d containing all problems and workarounds. They assist with the provision of information to senior management on risk issues and assist with the provision of a plan to manage these. They also assist with chairing of post incident review meetings and develop the relevant action plans to allow for proactive risk management. They work closely with the Group Compliance team to implement Group policies and procedures locally, coordinating with local legal teams for compliance with local laws.
• They conduct regular internal reviews to ensure compliance to relevant policies and procedures, ensuring the update or modification of such to align with local laws and regulations.

Information Security Governance, Risk & Compliance Analyst:

• Develops and evaluates compliance with programs and processes to mitigate cybersecurity risk and ensure protection of company and allied assets and information.
• Researches and interprets current and pending governmental laws and regulations, industry standards and customer and vendor contracts to communicate compliance requirements.
• Conducts information security risk assessments, security compliance audits and cybersecurity audits.
• Establishes IT security audit procedures relevant to SOX, HIPAA, PCI DSS and international data privacy laws.
• Evaluates and tests the design and operating effectiveness of IT security controls. Maintains compliance of internal IT security controls by meeting internal and external information security requirements.
• Documents, investigates and reports cybersecurity compliance issues and incidents. Works with business leaders to ensure information security risk findings are reviewed and solutions are implemented.

Knowledge, Skills and Attributes: Personal Attributes and Skills Required

• Demonstration of NTT Ltd core values of Proactivity, Teamwork, Professional Excellence, Partnership, Personal Commitment and Multi-Cultural Strength.
• Good knowledge of security risks and preventative controls
• Good understanding of security operational processes and controls
• Good project, analysis, problem solving, and business relationship skills
• Computer Science Degree or equivalent together with specialised training in new technologies and legacy systems

Excellent communication skills

• Must be an intelligent, articulate and persuasive leader who can serve as an effective member of the senior management team and who is able to communicate security-related concepts to a broad range of technical and non-technical staff
• Should have experience with business continuity planning, auditing, and risk management, as well as contract and vendor negotiation
• Must have strong working knowledge of pertinent law and the law enforcement community
• Highly developed technical capability across a broad range of Security products / solutions
• Interpersonal skills and the ability to develop strong customer (Internal / External) relationships
• Strong industry and market awareness
• Ability to negotiate / influence
• Ability to communicate to all audiences levels (executive to technical)
• Comfortable with presenting and communicating solutions internally and to clients / market at a business and technical level
• Track record of effective workshop and interview skills
• Good interpersonal and consultative skills.

Strong professional documentation skills

• Ability to map business needs to technology solutions
• Ability to discuss and report technology and information security risk with non-technology and executive business stakeholders
• Interpersonal skills with the ability to develop strong relationships
• Ability to engage and guide a team of engineers

A strong client service orientation

• A team player willing to develop and share IP
• This position must be ardently attuned to security news, trends, risks, and events and be able to understand vulnerabilities and exploit code sufficiently to understand security implications and assess their impacts.
• Maintain up-to-date knowledge of security threats, countermeasures, security tools, and network technologies
• Conduct security assessments, Document findings, create reports and communicate recommendations to executive management in verbal and written format
• Experienced with tools such as IDS/IPS, Hacking (Penetration testing) tools, Vulnerability Management tools, Firewalls, VPNs, VMware, Honeypots, etc.
• Thorough understanding of Windows and Unix-based vulnerabilities and exploitation techniques
• Comprehensive understanding of operating systems, network architectures, and system administration
• Familiarity with network protocols

Academic Qualifications and Certifications:

• Degree / Certifications \xe2\x80\x93 Information Technology/Audit/Risk Management
• Security Certifications \xe2\x80\x93 CISA, CRISC or equivalent (Highly Desirable) , Lead Auditors (ISO 27001)

Required Experience:

• Experience of working in multicultural teams across multiple countries
• Security Professional that understand Security Compliance and posture
• Consulting experience an advantage
• At least 3 years\xe2\x80\x99 work relevant experience
• At least 3 years\xe2\x80\x99 experience in Technology Information Security Industry

What will make you a good fit for the role? Global Delivery Centres (GDC) Bangalore and Prague

• Dedicate +- 40% time to manage the Global Delivery Centres Information Security compliance, risk management and certifications.
• Internal and external audit management

Join our growing global team and accelerate your career with us. Apply today.








A career at NTT means:

• Being part of a global pioneer \xe2\x80\x93 where you gain exposure to our Fortune 500 clients and world-leading global technology partners and work with a network of over 40,000 smart and diverse colleagues across 57 countries, delivering services in over 200 countries.
• Being at the forefront of cutting-edge technology \xe2\x80\x93 backed with a 150-year heritage of using technology for good. With 40% of the world\xe2\x80\x99s internet traffic running on our network and where Emoji were first invented, you can be proud of the group\xe2\x80\x99s many new \xe2\x80\x98firsts\xe2\x80\x99.
• Making a difference \xe2\x80\x93 by doing meaningful work that helps to shape the future for our clients, and across industries and communities around the world.
• Being your best self \xe2\x80\x93 in a progressive \xe2\x80\x98Connected Working\xe2\x80\x99 environment that promotes flexibility, connection and wellbeing. Where diversity and different perspectives are embraced to ensure equal opportunities for all.
• Having ongoing opportunities to own and develop your career \xe2\x80\x93 with a personal and professional development plan and access to the broadest learning offerings in the industry.