Security Apps Lead

Overview

Key responsibilities

• Provides operational management in the implementation of an organization-wide information security strategy aligned with business objectives.
• Maintains and implements information security policies, procedures, standards, and guidelines that comply with industry best practices and regulatory requirements.
• Coordinates the identification, assessment and management of information security risks across the organization, including data, systems, networks, and third-party relationships.
• Promotes a culture of security awareness among employees through training, education, and regular communication.
• Coordinates the execution of incident response plans to effectively address and mitigate security incidents.
• Ensures companys compliance with relevant security regulations, laws, and industry standards.
• Assists with assessing and selecting and selects appropriate security technologies and solutions to protect company digital assets.
• Implements security monitoring tools and systems to detect and respond to security threats and providing regular reports to senior leadership and stakeholders.
• Stays informed about emerging security threats and industry trends to continuously enhance the organizations security posture.
• Effectively communicates security incidents, responses, and mitigation efforts to relevant stakeholders.
• Coordinates and manages internal and external security audits and assessments.
• Provides guidance, management to the information security team, ensuring adherence to security policies and procedures.
• To thrive in this role, you need to have:
• Solid knowledge of security frameworks and standards (e.g., ISO 27001, NIST, CIS, etc.).
• Solid understanding of security technologies, tools, and best practices.
• Excellent communication and presentation skills with the ability to effectively convey complex security concepts to non-technical stakeholders.
• Developing team management skills to lead and motivate a diverse security team.
• Good problem-solving abilities with a focus on delivering results.
• Good business acumen and the ability to align security activities with overall security strategic objectives.
• Academic qualifications and certifications:
• Bachelors degree or equivalent in business administration or a technology-related field required (e.g., computer science, information technology, etc.).
• Related Cybersecurity, risk management and data privacy certifications preferred: CompTIA Security, CISSP, CISM, CISA, and/or CEH.
• Required experience:
• Solid experience in a combination of risk management, information security and IT roles in a global organization.
• Solid experience with contract and vendor negotiations and management.
• Solid experience in Agile (scaled) software development or other best in class development practices.
• Solid experience with Cloud computing / Elastic computing across virtualized environments.
• Solid experience in risk management, compliance and regulatory requirements related to information security.
• Solid experience working with national and international regulatory compliance frameworks such as NIST, ISO, SOX, EU GDPR, CCPA and PCI DSS.
• Solid experience and working knowledge of the following areas of technical expertise - information policy formulation, information security management, business risk management, IT risk assessment and management, IT continuity management, IT governance formulation, and organizational change management, IT financial management and IT audit.

About NTT DATA

Equal Opportunity Employer