Information Security Consultant

**Make an impact with NTT DATA**
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it’s a place where you can grow, belong and thrive.

**Your day at NTT DATA**

This role identifies and develops the security solutions for clients using company products, outsourced technology solutions and technical tools.

This role consults with clients regarding secure product configuration, deployment, and security patches to minimize security vulnerabilities and provides comprehensive scanning, penetration testing, vulnerability assessments, monitoring services and source code analysis and delivers detailed results to clients.

This role guides and supports clients in the development and implementation of product security controls.

**Key responsibilities**:

- Works on strategic projects that ensure the efficient and effective reaction to security breaches to mitigate immediate and potential threats.
- Uses mitigation, preparedness, response and recovery approaches to minimize business disruptions and commercial consequences.
- Offers detailed technical support investigation and analysis response activities and evaluate the effectiveness of and improvements to existing practices.
- Conducts regular threat and vulnerability assessments and determine deviations from acceptable configurations or policies.
- Participates in the assessment of the level of risk and support the development of appropriate mitigation countermeasures in operational and non-operational situations.
- Analyzes evidence to support network vulnerability mitigation.
- Supports peers in the management and implementation of the information security management system.
- Participates in the implementation of policies, processes and guidelines to ensure the standardization of security management throughout the organization.
- Applies tactics, techniques, and procedures to a full range of tools and processes related to administrative, criminal, and counterintelligence gathering (e.g., in-depth case analyses, continuous monitoring, malware analysis, clear documentation).
- Proactively searches through our critical infrastructure, systems and networks to detect and isolate advanced threats that may cause harm to our organization.
- Use both manual approaches and automated tools to identify, analyze, and report events and support the development of countermeasures to proactively protect against these threats in the future.

**To thrive in this role, you need to have**:

- Strong understanding of information technology and information security
- Solid understanding of security risks and preventative controls
- Excellent understanding of security operational processes and controls
- Service consulting aptitude, focusing on the business, service and sales aspects
- Excellent verbal and written communication skills
- Demonstrate impeccable attention to detail are able to translate internal customer requirements into solutions
- Maintain up-to-date knowledge of security threats, countermeasures, security tools, and network technologies
- High level of drive and ability to work under pressure
- Ability to build and maintain cross-functional relationships with a variety of stakeholders
- Understanding of relevant laws, regulations, and compliance frameworks affecting the technology sector.
- Good ability to assess and manage cybersecurity risks at both organizational and project levels.
- Good knowledge of security frameworks and standards like NIST, ISO/IEC 27001, CIS, etc.

**Academic qualifications and certifications**:

- Bachelor's degree or equivalent in Information Technology or Computer Science or Engineering or related field.
- Industry relevant certifications such as CISSP, CISM, CEH, GSEC or CompTIA Security+ essential.

**Required experience**:

- Seasoned demonstrable experience in the Information Technology Security Industry or relevant experience in similar role within a related environment.
- Seasoned experience with security architecture design principles.
- Seasoned experience with industry compliance and standards such as ISO 27000, PCI DSS, NIST, HIPAA or others.
- Seasoned experience with security tools and techniques to cover SANS Top 25, OWASP or others.
- Seasoned experience working in a multi-team environment across multiple geographies.

**Workplace type**:
Hybrid Working

**About NTT DATA**

**Equal Opportunity Employer