Client Information Security Manager (ISM)-Hybrid

About The Position

Requirements

• 12+ years of relevant experience
• Strong knowledge of standards / regulations impacting information security (e.g., NIST, ISO, PCI)
• Experience with information security internal & external audits, contract compliance, and quality initiatives
• Significant experience in identifying and utilizing a global risk based management model.

Nice To Haves

• At least one of the following certifications: CISSP, CISM, SSCP, CEH, or CSSLP
• Undergraduate or graduate degree
• Security/Consulting industry experience working in a customer facing role with customer security relationship management experience at the senior level
• Familiarity with information security technologies and issues on multiple platforms
• Experience working with network perimeter security technologies such as firewalls, intrusion detection/prevention systems and content filtering technologies
• Working knowledge of security monitoring technologies and processes such as monitoring architectures, log aggregation, SOC/SIEM capabilities and Incident Response
• Significant experience in application and integration of globally accepted security standards
• Advanced knowledge of Information Technology and Infrastructure configurations that will protect systems from unauthorized access and software invasion

Responsibilities

• Ensure the delivery of information security services to the customer is in compliance with the contract and any applicable standards and regulatory requirements (e.g., PCI, SOX)
• Collaborate with the client in the definition and implementation of information security policies, strategies, procedures and configurations in order to ensure confidentiality, integrity and availability of client’s environment and data
• Participate with the customer in the strategic design process to translate security and business requirements into processes and systems
• Evaluate new / emerging security products and technologies and make recommendations to customer leadership in regards to the security posture impact on the organization
• Identify, review and recommend information security improvements as they relate to the achievement of the customer’s business goals and objectives
• Manage and drive remediation efforts related to information security; remediation may be from incidents, penetration tests, vulnerability scans, internal/external audits and Critical Practice assessments
• Identify information security weaknesses and/or gaps in the customer’s current operations and work with the customer to bring information security operations up to standards
• Participate and represent IT Security in Delivery/Operational meetings; conduct an information security operational review meeting with account (e.g., Customer Delivery Executive) and customer (e.g., CISO) key stakeholders with topics including information security status and performance
• Review service management reports to ensure tickets (i.e., incidents, problems, requests, changes) related to information security, are being acknowledged, worked and Service Level Agreements are being met; provide direction on ticket remediation and ensure remediation is complete
• Conduct an ongoing security awareness program for NTT DATA personnel supporting the customer ensuring individuals understand and are compliant with the relevant information security obligations in support of the customer; program should address relevant security topics and adequately provide guidance on security policies and supporting documentation
• Cultivate trusted partner relationships with account and customer; keep consistent and open dialogue to uncover issues, challenges, risks
• Maintain an information security strategy (forward looking roadmap), for your customer, aligning services / portfolio components to the strategy

Benefits

• NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.