Senior Information Security Management Specialist

Make an impact at NTT Global Data Centers

Join NTT Global Data Centers and be part of a team that drives innovation and sustainability in the digital world. With over 150 data centers across more than 20 countries globally, we offer unparalleled opportunities to work on cutting-edge technology and transformative projects. Experience a collaborative, innovative, and inclusive workplace where your ideas are valued, and your growth is supported.

Your role at a glanceThe Senior Information Security Management Specialist is an advanced subject matter expert, responsible for playing a crucial part in overseeing the organization's information security program, with a focus on cybersecurity and policy management. This role involves managing overall ISMS, leading risk assessments, developing information security policies, ensuring alignment with industry standards and regulations, and fostering a culture of information security awareness among employees.

What we are looking for

Key Responsibilities: Ensure compliance and maintenance of ISO 27001:2022 standard as well as all Information Security requirements with respect to laws, regulations, client requirements, NTT DATA and Group requirements including active participation in internal and external ISMS audits. Leads risk assessments and gap analyses to identify vulnerabilities and recommends risk mitigation strategies. Develops and maintains information security policies, standards, and procedures. Collaborates with legal and compliance teams to ensure adherence to regulatory requirements. Provides guidance and support to junior information security team members. Assists in the creation and delivery of information security awareness and training programs. Participates in information security incident response activities as needed. Contributes to the continuous improvement of the information security program. Assists in policy management and refinement. Conducting information security audits, gap assessments, managing external certification and customer audits. Performs any other related task as required.

Knowledge and Attributes: Advanced understanding of information security frameworks and standards. Advanced proficiency in conducting risk assessments, analyzing security controls, and policy management. Excellent communication and interpersonal skills for collaborating with various stakeholders. Strong project management skills for handling security initiatives. Advanced familiarity with aspects related to information security.

Knowledge and application

Applies advanced wide-ranging experience and in-depth professional knowledge to develop and resolve complex models and procedures in creative way. Directs the application of existing principles and guides development of new policies and ideas; Determines own methods and procedures on new assignments.

Problem solving

Understands and works on complex issues where analysis of situation or data requires an in-depth evaluation of variable factors, solutions may need to be devised from limited information. Exercises judgment in selecting methods, evaluating, adapting of complex techniques and evaluation criteria for obtaining results.

Interaction

Frequently advises key people outside own area of expertise on complex matters.

Academic Qualifications and Certifications: Bachelor’s degree or equivalent in Information Technology or Computer Science degree or related field. Information Security certifications such as ISO 27001 Lead Auditor/Implementer, CISM, CRISC, CEH, COBIT or equivalent preferred.

Required experience: Must have 8 - 10 years of experience related to Information Security/Cybersecurity. Advanced experience in information security, managing and conducting audits Advanced experience in leading risk assessments, compliance efforts, security awareness initiatives, and policy management

Work Conditions and Other requirements: Travel required 20% of time. Perform work from a remote location with stable internet connection.

Who we are

As the third largest data center provider, we operate over 150 data centers in more than 20 countries and regions. We understand that every business – large and small – has its own unique needs and goals. We offer local-to-global data center expertise, aligned with our connected platform of AI-ready data centers to create solutions that enable our clients to seamlessly scale their digital businesses, anywhere and anytime.