Manager, Information Security Governance, Risk and Compliance

As the Manager, Information Security Governance, Risk and Compliance at NTT DATA, your role is crucial in protecting the organization's brand and ensuring compliance with regulatory and contractual obligations. Your responsibilities include preparing, monitoring, and implementing controls for various compliance programs such as ISO27001 and SOC. You will manage people resources for the program and foster a collaborative team culture focused on operational excellence. Key Responsibilities: - Support the development and operational effectiveness of IT security controls. - Manage and monitor Group risk in the company's preferred risk management solution. - Assist in developing security compliance review schedules, reviewing risk registers, and performing threat and risk assessments. - Document improvements in service design and ensure the required security plan is developed. - Review service level and business requirements to develop service methodologies and information security policies. - Advise on reporting requirements and ensure the implementation of the ISM policy in service operation. - Assist with compliance design and operation with internal security policies and regulations. - Evaluate security assessments and ensure alignment with operational requirements. - Develop an ISMS security audit management strategy aligned with service and operational requirements. - Evaluate operational processes and drive the implementation of process controls to ensure ISMS policy alignment. To thrive in this role, you need to have: - Relevant people management skills. - Ability to make final decisions on administrative or operational matters. - Advanced understanding of complex inter-relationships in systems or processes. - Excellent interpersonal and consultative skills. - Ability to discuss technology and information security risk with non-technology stakeholders. - Analytical thinking and a proactive approach. - Team player with consistent client focus. - Ability to develop and articulate ISM strategies. - Strong strategic thinking and decision-making abilities. - Good project management skills. - Advanced understanding of security risk management and operational processes. Academic qualifications and certifications: - Bachelor's degree in Information Technology or Computer Science. - Security certifications such as CISA, CRISC, COBIT, or equivalent. - Certifications such as Lead audit/Implementer - ISO 27001, SOC TSP preferred. Required experience: - Advanced experience in the Technology Information Security Industry. - Experience with Operational Risk Management and Enterprise Risk Management. - Experience in risk identification in technical programs and new technologies. - Experience with Enterprise Risk Management solutions. - Experience in technical Information Security consulting and architecture. - Knowledge of security threats, countermeasures, and network technologies. Workplace type: On-site Working About NTT DATA: NTT DATA is a global leader in business and technology services, committed to accelerating client success through responsible innovation. With expertise in AI, cloud, security, and more, we help organizations move confidently into the digital future. As a Global Top Employer, we value diversity and offer a supportive environment for career growth. NTT DATA is part of NTT Group, investing in R&D to drive innovation. Equal Opportunity Employer: NTT DATA is an Equal Opportunity Employer that embraces diversity and prohibits discrimination based on various factors. Join our global team to accelerate your career with us. (Note: Omitted the section "Third parties fraudulently posing as NTT DATA recruiters" as it was more of a cautionary note rather than a job description) As the Manager, Information Security Governance, Risk and Compliance at NTT DATA, your role is crucial in protecting the organization's brand and ensuring compliance with regulatory and contractual obligations. Your responsibilities include preparing, monitoring, and implementing controls for various compliance programs such as ISO27001 and SOC. You will manage people resources for the program and foster a collaborative team culture focused on operational excellence. Key Responsibilities: - Support the development and operational effectiveness of IT security controls. - Manage and monitor Group risk in the company's preferred risk management solution. - Assist in developing security compliance review schedules, reviewing risk registers, and performing threat and risk assessments. - Document improvements in service design and ensure the required security plan is developed. - Review service level and business requirements to develop service methodologies and information security policies. - Advise on reporting requirements and ensure the implementation of the ISM policy in service operation. - Assist with compliance design and operation with internal security policies and regulations. - Evaluate security assessments and ensur