At NTT we believe that by using innovative technology we can solve global challenges and create a world that is sustainable and secure. We are looking for curious people, from diverse backgrounds, that are keen to work in a fast-paced and agile environment. At NTT we trust our employees to do the right thing, even when no one is watching, which is why we offer flexibility in the workplace. The majority of our roles are hybrid, meaning we encourage a balance of working from home and our local office. Ask our recruitment team if this is a hybrid role.
Want to be a part of our team? Oversees the development, evaluation and implementation of governance, risk and compliance processes to mitigate cybersecurity risk and ensure protection of company and allied assets and information. Researches and interprets current and pending laws and regulations, industry standards and customer and vendor contracts to understand and communicate compliance requirements. Consults with business and technical leadership to ensure that data, processes and technology are designed for data protection and compliance. Oversees information security risk assessments and compliance audits; directs the development and operational effectiveness of IT security controls. Monitors investigations and documentation of cybersecurity compliance issues and incidents. Reviews information security risk findings and non-compliance with business leaders and proposes solutions to mitigate risks. Selects, develops and evaluates personnel to ensure the efficient operation of the function.
Working at NTT The Manager: Compliance and Data Protection is a global position that supports the NTT business by way of protecting NTT's brand, warranting compliance to its regulatory and contractual obligations. A critical component of this role is to ensure strategic and operational alignment to the global objectives of the Chief Security Office (CSO) and NTT Holdings. This role is accountable for the preparation, monitoring and implementation of controls for successful completion and maintenance of various compliance programmes, including ISO27001, SOC, PCI-DSS etc. in line with the NTT Ltd Information Security Management System (ISMS), ensuring that information security is effectively managed in all services and business functions within the region.
Responsibilities Monitor the development, evaluation and implementation of cybersecurity controls and ensure protection of company and allied assets and information. Support and review customer and vendor contracts to understand and communicate compliance requirements. Consult with business and technical leadership to ensure that data, processes and technology are designed for data protection and compliance. Monitor investigations and documentation of cybersecurity compliance issues and incidents. Review information security risk findings and non-compliance with business leaders and propose solutions to mitigate risks. Select, develop and evaluate a team to ensure the efficient operation of the function. Contribute to the Group ISMS content development, maintenance and maturity. Advise and report to the CSO on all ISMS operational controls, processes and compliance status. Implement and monitor information security operational requirements and information security design criteria and templates. Review the security policy with the relevant 3rd parties ensuring that ISM service requirements are met and that integration into access management and security reporting occurs. Log major service requests for ISM transition and ensure that service activation, knowledge transfer and change management processes take place. Manage the prevention and resolution of security breaches and ensure incident and problem management processes are initiated. Perform baseline security reviews and monitor operational security activities according to the policy. Develop, scope and discuss security service audit schedules, review access authorisation and perform the required access controls and penetration testing to identify security weaknesses. Document improvement in service design and ensure that the required security plan is developed and reviewed. Required Knowledge, Skills and Attributes Fluent in Spanish & English. Relevant knowledge of information security management and policies. Sound understanding of security operational processes and controls. Demonstrable understanding of complex inter-relationships in an overall system or process. Maintain up-to-date knowledge of security threats, countermeasures, security tools, and network technologies. Relevant knowledge of technological advances within the information security arena. Relevant solution and service knowledge. Good interpersonal and consultative skills with the ability to map business needs to technology solutions. Ability to discuss and report technology and information security risk with non-technology and executive business stakeholders. El anuncio original lo puedes encontrar en Kit Empleo: https://www.kitempleo.es/empleo/116627163/b-994-governance-risk-and-compliance-manager-barcelona/?utm_source=html
#J-18808-Ljbffr
