Security Audit Risk & Compliance SME
Information Technology, London
Security Audit Risk & Compliance SME
Information Technology, London

What you'll be doing:

Using your background in Risk & Compliance, you will help our clients:

  • Assess and test the effectiveness of security controls, and document the compliance levels to identify risks and control gaps.
  • Understanding the Security regulatory landscape that affecting UK & EU business and IT areas.
  • Evaluate security risks against either client risk models or well-known risk &/or control frameworks such as; the ISO3100 series, NIST, ISO270xx series, ISF, CIS, UK CAF, etc,  
  • Develop and review security risk models, standards, procedures, and controls to manage client risks.
  • Improve security risk posture through defining a process of improvements, leveraging Risk & Compliance platforms, policy, automation, and the continuous evolution of capabilities.
  • Ensure & evaluate that required and expected security controls are in place and working as they should.
  • Recommend tooling and process improvements and develops reporting metrics, dashboards, and evidence artefacts.
  • Document and report control failures and gaps to stakeholders. Provide remediation guidance and prepare management reports to track remediation activities.

What experience you'll bring:

It starts with amazing people, challenging projects and a work environment that supports the creation of tangible solutions that make an impact. You will need to have a broad experience of security risk management and have evidence of experience in a number of the following fields of expertise:

  • Demonstrate in-depth knowledge of Risk assessment and risk management methodologies &/or frameworks.
  • Experience in applying & using qualitive / qualitive Risk and/or Threat based risk models 
  • Knowledge of UK / EU information security management, governance, and compliance principles, practices, laws, rules and regulations.
  • Experience in implementing and/or operating one or more Security Risk Management, Compliance or Data Protection technology platforms. 
  • Experience in implementing and operating one or more of the following:
    • ISO 27001 compliant ISMS
    • PCI DSS / SOX compliance
    • UK NCSC CAF compliance
    • UK or EU GDPR / UK Data Protection compliance
    • NIS/NIS2, DORA compliance
    • UK Operational Resilience / TSA(R) compliance
    • UK CNI / OT / IIOT compliance
  • Cyber and Cloud Security standards & frameworks, supporting architecture, design, operations, controls, technology, solutions, and service orchestration.
  • Core knowledge of Information Technology systems and processes, network infrastructure, data architecture, data processes, and protocols.
  • Information systems auditing, monitoring, controlling, and assessment processes.
  • Knowledge of Incident response management.
  • Outstanding English verbal communication skills with the ability to explain things in a clear and non-technical way.
  • Excellent English writing skills for technical documents and improving processes (such as policies and reports).
  • The ability to explain complex topics to a diverse range of audiences.
  • Strong attention to detail and the ability to deliver high quality work.
  • A valid right to work in the UK.
  • Have held UK SC clearance or be eligible for obtaining UK SC clearance.
  • A relevant and recognised professional Security / Risk / Compliance certification supporting the role, such as; CISSP, PCI ISA, ISO 27001 ISMS Lead Implementer, CRISC, etc.

 

Who we are:

We’re a business with a global reach that empowers local teams, and we undertake hugely exciting work that is genuinely changing the world. Our advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects.

Our inclusive work environment prioritises mutual respect, accountability, and continuous learning for all our people. This approach fosters collaboration, well-being, growth, and agility, leading to a more diverse, innovative, and competitive organisation. We are also proud to share that we have a range of Inclusion Networks such as: the Women’s Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network.

For more information on Diversity, Equity and Inclusion please click here: Creating Inclusion Together at NTT DATA UK | NTT DATA

what we'll offer you:

We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensure that there are continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options. 

For more information on NTT DATA UK & Ireland please click here: NTT DATA

We are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a Disability Confident Committed Employer - we want to see every candidate performing at their best throughout the job application and interview process, if you require any reasonable adjustments during the recruitment process, please let us know and we look forward to hearing from you. 

Back to search Email to a friend Apply now

Location
Epworth House, London

“Upon joining the NTT DATA UK family, you will experience a culturally diverse organisation living our values of Clients First, Teamwork and Foresight as we partner with our customers every day.

At NTT DATA UK, we are proud to support and invest in our people. We offer a variety of rewarding career paths and opportunities to develop professionally - with access to cutting edge innovation.”

Fernando Apezteguia, CEO, NTT DATA UK

NTT DATA
#loveyourwork
Apply
Jobs at NTT DATA

Browse all