Full Job DescriptionAt NTT we believe that by using innovative technology we can solve global challenges and create a world that is sustainable and secure. We are looking for curious people, from diverse backgrounds, that are keen to work in a fast-paced and agile environment.
At NTT we trust our employees to do the right thing, even when no one is watching, which is why we offer flexibility in the workplace. The majority of our roles are hybrid, meaning we encourage a balance of working from home and our local office. Ask our recruitment team if this is a hybrid role.
Want to be a part of our team?
The Senior Compliance Officer is a global position that supports the orchestration of information security governance, risk and compliance activities for NTT Ltd.
This role supports the business and helps protect the reputation of NTT Ltd by taking responsibility for aligning IT security with business security, ensuring that information security is effectively managed in all service and business activities within this role’s remit.
The primary focus for the Senior Compliance Officer role is to ensure the establishment and maintenance of the security compliance programme and therefore the relevant processes and controls to monitor compliance practices to avoid breaching laws, regulations, policies, contractual and other security obligations.
Working at NTT
Key Roles and Responsibilities
Contribute to the review of service level and business requirements to develop service methodologies and an information security policy, assessments and methodologies which define security controls relevant to the service and operational requirements
Interpret information security policies, standards, and other requirements as they relate to a specific internal information system, and assist with the implementation of these and other information security requirements
Identify potential risks, incidents and problems before they occur
Log major service requests for ISM transition including the related sub tasks as follows (but not limited to):
Review requirements for Security service levels and security controls
Review customised security policy
Review access management and operational security management practices
Identify, classify and record problems for all recurring issues and incidents to determine their root cause and assist with ensuring that reported incidents and problems are solved and proactively reviewed to ensure the development of remedial action
Document the learnings (what’s gone well and what could have been done differently) from the compliance reviews and work on improving the processes
Ensure the proactive management of risk and update, as well as contribute to the maintenance of a “Risk Register”
Assist with the provision of information to senior management on risk issues and assist with the provision of a treatment plan to manage these
Ensure that all relevant information regarding risk is accurate and kept up to date and document progress against activities identified in the risk management plan and provide regular reports on problem status
Leverage security and risk-related systems including but not limited to:
Vulnerability management
Endpoint protection
Log management/SIEM
Contribute to the implementation of new security tools and provide technical assistance with the initial set-up, secure deployment, and proper management of systems that support information security including malware detection systems, spam filtering systems, content control software systems, web site blocking systems, intrusion detection systems, intrusion prevention systems, and privilege account management systems
Identify current and emerging technology issues including security trends, vulnerabilities and threats
Hands-on knowledge of information security technologies such as security design review, threat modelling, risk analysis, and software testing techniques
Identify opportunities and drive the implementation of automation
Mitigate enterprise vulnerabilities and reduce attack surface vectors identified through controls implementation
Help ensure compliance with applicable data security laws, regulations, certifications and customer requirements
Deliver the design and operation of related security controls and improvement activities to ensure compliance both with internal security policies and applicable laws and regulations
Produce non-compliance and other reports that are necessary for the correct operation of processes
Identify failures and shortcomings in the current processes and escalate with recommendations
Knowledge Skills and Attributes
Excellent written communication skills, with a focus on translating technically complex issues into simple, easy to understand concepts
Results oriented, high energy, self-motivated with the ability work independently
Ability to collaborate first and foremost and exercise cross-team co-operation and influence
Exceptional attention to detail and takes pride in delivering demonstrated results
Goal oriented while exhibiting persistence in follow up, escalation, and resolution
Ability to multi-task projects, assignments and daily workload while maintaining timely deliverables
Ability to code in scripting languages such as Python, PowerShell, bash, DOS etc.
Great interpersonal skills with the ability to develop strong client (Internal / External) relationships
Team player who is willing to develop and share IP with a strong client service orientation
Highly developed technical capability across a broad range of Security products / solutions
Academic Qualifications and Certifications
Relevant bachelor’s degree, such as a Computer Science degree or equivalent
Security certifications – ISO27001 Lead Auditor; CISA, CRISC or equivalent
Highly Desirable: Information Technology / ITILSM / ICT Security / ITIL v3 CISM
Required Experience
Demonstrable experience gained within the Technology Information Security Industry
Demonstrable experience with auditing, security compliance and risk management
Consulting experience is advantageous
What will make you a good fit for the role?
Have wide-ranging experienceUses professional concepts and company objectives to solve complex issues in creative waysNetworks with others outside own area of expertiseExercises judgment in selecting methods, techniques and evaluation criteria to obtain resultsMay coordinate others’ activitiesTypically requires significant related experience with a Bachelor’s or equivalent degree
Join our growing global team and accelerate your career with us. Apply today.
Equal opportunity employer
NTT is proud to be an equal opportunity employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, color, sex, religion, national origin, disability, pregnancy, marital status, sexual orientation, gender reassignment, veteran status, or other protected category.