Principal Cyber Risk and Compliance Manager
Sydney, Australia
NTT DATA
NTT DATA helps clients transform through consulting, industry solutions, business process services, IT modernization and managed services. Want to be a part of our team?
The Cyber Risk and Compliance Manager reports into the Director of Security and is the primary point of contact between the client’s security function and NTT. This position will require you to focus on assuring the delivery of NTT services to the agreed security standard and helping clients adopt additional security capability to enhance the client’s security posture. This role collaborates with cross-functional teams, leadership, and other stakeholders to maintain a robust and proactive information security posture.
Working at NTT
Key Roles and Responsibilities:
- Security relationship management – understand the client’s operational environment and the role NTT plays in delivering the client’s ISMS outcomes;
- Compliance and policy – deliver contracted inputs to the client’s compliance processes;
- Internal audits – lead regular NTT internal security reviews to ensure compliance with applicable frameworks;
- Vulnerability, configuration management and patching – ensure that NTT is compliant with its vulnerability management and patching obligations;
- Process improvement – regularly review information security and risk processes and policies as mandated by the client and proactively suggest enhancements to NTT processes in conjunction with the client and NTT stakeholders;
- Security uplift – understand client operational and security challenges and recommend appropriate security enhancement options;
- Risk management – work with client and NTT subject matter experts to identify security risks and vulnerabilities and recommend rectification activities;
- Incident response – work with the client and/or internal Incident Response teams to resolve incidents;
- Vendor risk assessment – work with client and internal delivery teams to manage the client's third-party vendor risk assessment processes.
Knowledge, Skills and Attributes:
- Excellent communication and presentation skills with the ability to effectively convey complex security concepts to non-technical stakeholders.
- Good leadership and team management skills to lead and motivate a diverse delivery and cross functional team.
- In-depth understanding of security technologies, tools, and best practices.
- Strategic thinking and problem-solving abilities with a focus on delivering results.
- Industry certifications highly favourable e.g. CISM, CISSP, CISA, CRISC or GIAC
- Experienced working as a CSO, CISO or Information Security Manager
- Able to demonstrate an understanding or experience of operating within an ITIL based service delivery environment
- Extensive background with managing security incident management services, security audits, business continuity planning and risk management
- Well versed with compliance and specific regulatory and privacy requirements
- Existing AGSVA Clearance or ability to obtain one is highly desirable
Skills Summary
Information Security Compliance, Information Security Incident Management, Information Security Management, Information Security Operations, Information Security Risk Management, Information Security Services
Workplace type: Hybrid Working
Equal Opportunity Employer
NTT is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, color, sex, religion, national origin, disability, pregnancy, marital status, sexual orientation, gender reassignment, veteran status, or other protected category
Tags: Audits CISA CISM CISO CISSP Clearance Compliance CRISC GIAC Incident response ISMS ITIL Privacy Risk assessment Risk management Vulnerabilities Vulnerability management