Information Security-Management - Security Analysis Specialist Advisor

Job Description

Req ID: 314331 NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now. We are currently seeking a Information Security-Management - Security Analysis Specialist Advisor to join our team in Noida, Uttar Pradesh (IN-UP), India (IN). Role Overview The NTT DATA Services Security Analysis Specialist Advisor works to ensure the seamless delivery of all information security services that NTT DATA provides to the customer. This is an individual contributor role in which the person acts as a trusted information security partner with the customer and works collaboratively to understand, anticipate and recommend risk mitigation while promoting the overall information security protection for the customer s information assets. You will partner with client to align information security with the customer s business strategy, security policies and regulatory and compliance requirements resulting in increased protection and reduced risk. Role Responsibilities (high level summary of key duties) The responsibilities of the Security Analysis Specialist Advisor include: Ensure the delivery of information security services to the customer in compliance with the contract and any applicable standards and regulatory requirements (e.g., ISO, PCI, SOX) Assist client in the definition and implementation of information security policies, strategies, procedures and settings to ensure confidentiality, integrity and availability of client s environment and data Participate with customer in the strategic design process to translate security and business requirements into processes and systems; evaluating new / emerging security products and technologies and making recommendations to customer leadership in regards to the security posture impact on the organization Identify, review and recommend information security improvements as they relate to the achievement of the customer s business goals and objectives Governance and Compliance Support the implementation of the client s security governance frameworks within NTT DATA Delivery teams. Collaborate with the client to review, implement, and monitor adherence to their security policies, procedures, and standards. Conduct compliance reviews and assist in preparing for internal and external audits, ensuring alignment with client requirements. Facilitate audits by providing evidence of compliance and addressing findings effectively in partnership with the client. Maintain the Security Management Plan as a statement of applicability , defining relevant controls, responsibilities, and standards to align with both NTT DATA and client s security objectives. Risk Assessment and Management Perform risk reviews in collaboration with the client to identify and evaluate risks across NTT DATA Delivery teams. Develop and monitor risk treatment plans aligned with the client s risk management framework, ensuring mitigation of identified risks. Incorporate the client s threat intelligence into risk management strategies to proactively address emerging risks. Escalate significant risks to NTT DATA and client senior management (as appropriate) with actionable recommendations for mitigation. Participate in internal and external audits for the customer (e.g., SOX, PCI) and coordinate information security services activities Good understanding of SIEM/SOC, Endpoint Security Tools (SentinelOne, MS Defender, etc.), Network Security tools including FW, IPS/IDS, Content Filter, etc. Drive remediation efforts related to information security; remediation may be from incidents, penetration tests, vulnerability scans, internal/external audits and Critical Practice assessments Identify information security weaknesses and/or gaps in the customer s current operations and work with the customer to bring information security operations up to standards Participate and represent IT Security in Delivery/Operational meetings Review service management reports to ensure tickets (i.e., incidents, problems, requests, changes), related to information security, are being acknowledged, worked and Service Level Agreements are being met; provide direction on ticket remediation and ensure remediation is complete Required Qualifications: 6+ years of relevant experience Knowledge of standards / regulations impacting information security (e.g., PCI, HIPAA, SOX) Applied knowledge of risk management concepts Experience with information security internal & external audits, contract compliance, and quality initiatives Preferences: At least one of the following certifications: CISSP, SSCP, CISM, CEH Undergraduate or graduate degree Customer relationship management experience at the senior level Strong knowledge of systems and network administration (i.e., Active Directory, Server, Desktop) Knowledge and application of Globally Accepted Information Security Principles Strong knowledge of network security that pertains to communications, computer system environments and related infrastructures Thorough knowledge of server and desktop configurations that will protect systems from unauthorized access and software invasion