Who we are:
You'll be joining the 6th largest IT Service Provider, present in more than 50 countries. From our roots in Japan, NTT DATA's mission is to facilitate business change and technology transformation across many industries for a better future for our business, people and community. Some of the projects we have supported include the digitising of The Open golf tournament and applying Formula 1 technology to support medical staff at University Hospitals Leicester.
Everything we do is underpinned by our core values of 'Clients First', 'Teamwork' and 'Foresight' and we achieve these by putting people first.
We support and celebrate our differences and preferences; these are what make us unique. Some of our initiatives, collectively known as “DO Diversity”, aim to create a space for us to learn and get involved in building a truly diverse environment. Our Culture & Ethnicity Network gives our colleagues a platform to share their various backgrounds; our NINGEN programme allows the new generation of NTT DATA employees around the world to connect and shape the future of our organisation; and the “City Gives Back” allows us to support our local community that has been affected by the COVID-19 pandemic... and much more!
What you'll be doing:
We are currently recruiting for a Security Assessment, Regulation & Compliance Consultant to join our growing client delivery business.
NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. In a constantly changing world, we work together with our people, clients and communities to enable them to fulfil their potential to do great things. We believe that by bringing everyone together, we can solve problems using innovative technology that can create a world that is sustainable and secure.
This is a great opportunity for you to play a pivotal role in helping to shape our clients’ transformation journeys.
Using your Consultative background, you will be able to:
- Assess, unpack, evaluate and test the effectiveness of security controls, and document the compliance levels to identify risks and/or control gaps.
- Demonstrate subject matter knowledge in one of the following specific Security knowledge areas, such as:
  - Security Regulations (Data Protection, GDPR, TSRs, PSD2, OFCOM, FCA, ICO etc.)
  - Security Standards / Framework Compliance (ISO, PCI, CE, NIST, NCSC, etc.)
- For Security / Tech Regulations - Demonstrate an in-depth understanding of the broad security regulatory landscape that affects business and IT areas.
- For Security Standards / Framework Compliance - Demonstrate an in-depth understanding of well-known frameworks and/or standards.
- Articulate the benefits, strengths, weaknesses, values and challenges when considering, implementing, customising or maturing relevant industry good practice frameworks and standards.
- Challenge, review and develop security standards, procedures, artefacts and controls to manage client risks.
- Improve security risk posture through process improvement, policy, automation, and the continuous evolution of capabilities.
- Ensure that required and expected security controls are in place and working as they should.
- Recommend tooling and technology that can improve and develop reporting metrics, dashboards, and evidence of maturity.
- Document and report control failures and gaps to stakeholders. Provide remediation guidance and prepare management reports to track remediation activities.
What you'll need:
It starts with amazing people, challenging projects and a work environment that supports the creation of tangible solutions that make an impact.
You will need to have a broad security risk consulting background and have previous experience of:
- Risk assessment and management methodologies.
- Applicable information security management, governance, and compliance principles, practices, laws, rules and regulations.
- Information technology systems and processes, network infrastructure, data architecture, data processes, and protocols.
- Information, Cyber and Cloud Security: standards, frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration.
- Information systems auditing, monitoring, controlling, and assessment process.
- Knowledge of Incident response management.
- Experience in implementing Security frameworks and standards such as: ISO 27001 compliant ISMS or achieving compliance with PCI DSS.
- Outstanding verbal communication skills with the ability to explain things in a clear and non-technical way.
- Excellent writing skills for technical documents and improving processes (such as policies and reports).
- The ability to explain complex topics to a diverse range of audiences.
- Strong attention to detail and the ability to deliver high quality work.
- A valid right to work in the UK.
- Hold SC clearance or are eligible for SC clearance.
- A relevant certification for this role such as CISSP, PCI ISA, ISO 27001 ISMS Lead Implementer, or CISM.
The focus on Clients First, Teamwork and Foresight is in our DNA and we are looking for someone who shares and embodies these core values, leading by example.
We don't look for finished articles. We look for people who want to continue their career growth alongside NTT DATA's.