Director: Security Incident And Vulnerability Management

Director: Security Incident and Vulnerability Management NTT DATA NTT DATA helps clients transform through consulting, industry solutions, business process services, IT modernization and managed services. View company pageWant to be a part of our team?The Director, Information Security is a senior management role responsible for overseeing and leading NTT's information security programme(s). This role plays a critical role in contributing towards the development of, as well as driving the implementation of NTT's security and governance strategy, frameworks, policies, and practices enabling a risk-free and scalable business operations. This role collaborates with cross functional teams, and senior leadership, and other stakeholders to maintain a robust and proactive information security posture. Working at NTTKey Roles and Responsibilities:Contributes towards the development and drives the implementation of an organisation-wide information security strategy aligned with the NTT's business objectives.Contributes towards establishing and maintaining information security policies, procedures, standards, and guidelines that comply with industry best practices and regulatory requirements.Oversees the identification, assessment and management of information security risks across the organisation, including data, systems, networks, and third-party relationships.Promotes a culture of security awareness among employees through training, education, and regular communication.Oversees the development and execution of incident response plans to effectively address and mitigate security incidents.Ensures NTT's compliance with relevant security regulations, laws, and industry standards.Assesses and selects appropriate security technologies and solutions to protect NTT's digital assets.Implements security monitoring tools and systems to detect and respond to security threats and providing regular reports to executive leadership and stakeholders.Stays informed about emerging security threats and industry trends to continuously enhance the organisation's security posture.Evaluates security risks associated with third-party vendors and service providers and implementing risk mitigation strategies.Effectively communicates security incidents, responses, and mitigation efforts to relevant stakeholders.Coordinates and manages internal and external security audits and assessments.Provides guidance and leadership to the information security team, ensuring adherence to security policies and procedures.Knowledge, Skills and Attributes:Strong knowledge of security frameworks and standards (e.g., ISO 27001, NIST, CIS, etc.)Has knowledge about PCI, HIPAA, NIST, GLBA and SOX compliance assessmentsIn-depth understanding of security technologies, tools, and best practicesExcellent communication and presentation skills with the ability to effectively convey complex security concepts to non-technical stakeholdersStrong leadership and team management skills to lead and motivate a diverse security teamStrategic thinking and problem-solving abilities with a focus on delivering resultsBusiness acumen and the ability to align security objectives with overall business objectivesAcademic Qualifications and Certifications:Degree in business administration or a technology-related field required (e.g., computer science, information technology, etc.)MBA or Masters in IT related field with a security focus preferredRelated Cybersecurity, risk management and data privacy certifications preferred: CompTIA Security+, CISSP, CISM, CISA, and/or CEHRequired Experience:Significant experience in a combination of risk management, information security and IT roles in a global organisationProven track record of successfully developing and implementing enterprise-wide information security strategies and initiativesSignificant experience with contract and vendor negotiations and managementSignificant experience in Agile (scaled) software development or other best in class development practicesSignificant experience with Cloud computing / Elastic computing across virtualised environmentsSignificant experience in risk management, compliance and regulatory requirements related to information securitySignificant working with national and international regulatory compliance frameworks such as NIST, ISO, SOX, EU GDPR, CCPA and PCI DSSSignificant experience and working knowledge of the following areas of technical expertise: information policy formulation, information security management, business risk management, IT risk assessment and management, IT continuity management, IT governance formulation, and organisational change management, IT financial management and IT auditSkills SummaryWhat will make you a good fit for the role?Workplace type:Hybrid Working Equal Opportunity EmployerNTT is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, color, sex, religion, national origin, disability, pregnancy, marital status, sexual orientation, gender reassignment, veteran status, or other protected categoryExplore more InfoSec / Cybersecurity career opportunities Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.#J-18808-Ljbffr