Principal Cyber Risk and Compliance Manager

Want to be a part of our team?

The Cyber Risk and Compliance Manager reports into the Director of Security and is the primary point of contact between the client’s security function and NTT.  This position will require you to focus on assuring the delivery of NTT services to the agreed security standard and helping clients adopt additional security capability to enhance the client’s security posture.  

This role collaborates with cross functional teams, and leadership, and other stakeholders to maintain a robust and proactive information security posture.

Working at NTT

Key Roles and Responsibilities:

• Security relationship management – Understand the client’s operational environment and the role NTT plays in delivering the client’s ISMS outcomes;
• Compliance and policy – Deliver contracted inputs to the client’s compliance processes;
• Internal audits – lead regular NTT internal security reviews to ensure compliance with applicable frameworks
• Vulnerability, configuration management and patching – ensure that NTT is compliant with its vulnerability management and patching obligations;
• Process improvement - regularly review information security and risk processes and policies as mandated by the client and proactively suggest enhancements to NTT processes in conjunction with the client and NTT stakeholders;
• Security uplift – understand client operational and security challenges and recommend appropriate security enhancement options
• Risk management - work with client and NTT subject matter experts to identify security risks and vulnerabilities and recommend rectification activities
• Incident response – Work with the client and/or internal Incident Response teams to resolve incidents;
• Vendor Risk Assessment - work with client and internal delivery teams to manage client's third party vendor risk assessment processes.

Knowledge, Skills and Attributes:

• Excellent communication and presentation skills with the ability to effectively convey complex security concepts to non-technical stakeholders.
• Good leadership and team management skills to lead and motivate a diverse delivery and cross functional team.
• In-depth understanding of security technologies, tools, and best practices.
• Strategic thinking and problem-solving abilities with a focus on delivering results.
• Industry certifications highly favourable e.g. CISM, CISSP, CISA, CRISC or GIAC
• Experienced working as a CSO, CISO or Information Security Manager
• Able to demonstrate an understanding or experience of operating within an ITIL based service delivery environment
• Extensive background with managing security incident management services, security audits, business continuity planning and risk management
• Well versed with compliance and specific regulatory and privacy requirements
• Existing AGSVA Clearance or ability to obtain one is highly desirable

Skills Summary

Information Security Compliance, Information Security Incident Management, Information Security Management, Information Security Operations, Information Security Risk Management, Information Security Services

Workplace type:

Hybrid Working

Equal Opportunity Employer

NTT is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, color, sex, religion, national origin, disability, pregnancy, marital status, sexual orientation, gender reassignment, veteran status, or other protected category