Information Security Specialist (F/H)

Want to be a part of our team?

The Information Security GRC Specialist is responsible for supporting the organisation's information security program by assessing risks, implementing security controls, ensuring compliance, managing security awareness initiatives, and contributing to policy development. This role collaborates with internal teams to enhance security practices and maintain a strong security posture.

Working at NTT

Your responsibilities will be:

• Manage the security management process within the framework of calls for tenders.
• Manage the process of customer requirements questionnaires: security, data protection, and more generally everything related to compliance in the context of the requests to be processed.
• Approve the response to these questionnaires.
• Check that the technical solutions proposed take into account customer security requirements and are consistent with the ISO 27001 standard.
• Support operational staff in taking into account contractual clauses and security requirements.
• Manage and approve the drafting of Safety Assurance Plans.
• Guide operational services in the drafting of models constituting a documentary base on subjects related to security governance, ISO standardization, risk assessment of the services provided to our customers.
• Carry out internal audits on the implementation of customer requirements, as well as the maintenance of ISO standards.
• Manage and ensure the evaluation of suppliers in accordance with Group Policy.
• Be the relay of the Group's awareness messages, promote security through webinars, bring to life, animate the GRC Cybersecurity portal
• In collaboration with the CISO, you will lead information systems security awareness workshops.
• Participate in the proper functioning of the service by reporting anomalies and suggestions for improvement.
• Support the CISO in the various ISO certification programs and the adaptation of Group security policies to local specificities France.

Your profile:

• You have at least a Master's degree in IT, cybersecurity or equivalent.
• You have a minimum of 5 years of experience in the perimeter of information security.
• You have strong skills in analysis and problem-solving.
• You have a strong knowledge of ISO27001 version 2013 and 2022 and you have ideally already worked in a ISMS environment.
• You have capacity to train technical and non-technical workers in security subjects and processes.
• You have strong skills in communication and persuasion.
• You master English & French at speaking and writing.

Skills Summary

Communication, Compliance Frameworks, Incident Response, Project Coordination, Risk Assessments, Security Awareness Training, Security Controls, Security Policies

What will make you a good fit for the role?

Workplace type:

Hybrid Working

Equal Opportunity Employer

NTT is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, color, sex, religion, national origin, disability, pregnancy, marital status, sexual orientation, gender reassignment, veteran status, or other protected category