Information Security Governance, Risk and Compliance Manager

Full-time

Posted on: 7 days ago

As the Manager, Information Security Governance, Risk and Compliance at NTT DATA, your role involves supporting the organization in protecting its brand and ensuring compliance with regulatory and contractual obligations. You will be responsible for preparing, monitoring, and implementing controls for various compliance programs such as ISO27001 and SOC, in alignment with the Information Security Management System (ISMS). Your focus will be on managing people resources for the program while fostering a collaborative and innovative team culture centered on operational excellence.

Key responsibilities:
- Support the development and operational effectiveness of IT security controls.
- Manage and monitor Group risk in the company's preferred risk management solution.
- Assist in developing security compliance review schedules, risk registers, and threat assessments.
- Document improvements in service design and ensure the development of required security plans.
- Review service level and business requirements to develop service methodologies and information security policies.
- Advise on reporting requirements and ensure the implementation of the ISM policy in service operation.
- Assist in designing and operating compliance with internal security policies and regulations.
- Ensure security assessments align with service and operational requirements.
- Develop an ISMS security audit management strategy aligned with service requirements.
- Evaluate operational processes and implement controls to ensure compliance with ISMS obligations.
- Monitor and address deviations to maintain ongoing compliance.

To thrive in this role, you need to have:
- Relevant people management skills.
- Ability to make strategic decisions and ensure effective operations.
- Advanced understanding of complex system inter-relationships.
- Excellent interpersonal and consultative skills.
- Ability to discuss technology and information security risk with non-technical stakeholders.
- Analytical thinking and proactive approach.
- Team player with client-focused orientation.
- Ability to articulate ISM strategies.
- Strong strategic thinking and decision-making abilities.
- Project management skills.
- Advanced knowledge of security risk management and information security policies.

Academic qualifications and certifications:
- Bachelor's degree in Information Technology or related field.
- Security certifications such as CISA, CRISC, COBIT, or equivalent.
- Certifications such as Lead Auditor/Implementer - ISO 27001, SOC TSP preferred.

Required experience:
- Advanced experience in the technology information security industry.
- Experience with Operational Risk Management and Enterprise Risk Management.
- Experience in risk identification in technical programs, new technologies, and regulatory changes.
- Experience with Enterprise Risk Management solutions.
- Technical Information Security consulting experience.
- Knowledge of security threats, countermeasures, and network technologies.

Workplace type:
On-site Working

About NTT DATA:
NTT DATA is a global business and technology services leader committed to accelerating client success through responsible innovation. With expertise in AI, cloud, security, and more, we help organizations move confidently into the digital future. NTT DATA is an Equal Opportunity Employer that values diversity and provides a discrimination-free environment.

Please note that NTT DATA recruiters will never ask for payment or banking information during the recruitment process. If you encounter any suspicious activity, please contact us immediately.

Experience Level:
Mid Level