With people at the heart of our success, NTT is committed to attracting and growing the best talent and providing an environment where everyone feels they can belong and their contribution matters. It’s our belief in possibility that drives us, but it’s our people that make it happen. At NTT, what you do matters.
A Career at NTT Means:
- Having ongoing opportunities to GROW your career - we offer barrier-free learning with multiple self-learning tools available.
- Being part of a global organization where you can BELONG - in an inclusive and diverse working environment where you are free to be your best self. We’re committed to building a people-focused environment where you can shine, no matter who you are.
- Belonging to a team where you can make a DIFFERENCE - to your clients, colleagues, and communities. Your ideas are embraced, impactful, and keep us agile.
- Being part of a global PIONEER – where you gain exposure to our Fortune 500 clients and world-leading global technology partners and work with a network of over 40,000 smart and diverse colleagues across 57 countries, delivering services in over 200 countries.
What else does NTT BPO Offer? We’re glad you asked!
- All equipment required for you to be successful in your role
- Virtual paid training
- Comprehensive benefits package (medical, vision, and dental)
- Employee Assistance Program
- RRSP program options
- Short- and Long-Term Disability options
- Rewards and Recognition programs
- Internal career advancement opportunities
Position Overview:
The purpose of this role is to enhance and validate the compliance, confidentiality, integrity, and security of all NTT BPO systems and services, while maintaining operational effectiveness. Reporting to the Senior Director, Information Technology and Security, the Senior Manager, Information Security, Governance and Compliance is responsible for the development, delivery, and ongoing management of a comprehensive information security governance framework.
In addition to the day-to-day implementation, management, and monitoring of a comprehensive information security program, the focus of this position is to drive all aspects of the PCI DSS, SOC2, and client audit programs, ensuring complete and consistent compliance across the organization. The leader will develop and refine compliance assessment and management processes and work streams for annual assessment, gap analysis, training, remediation, and reporting. Additionally, the role will provide implementation guidance and support, including conducting compliance assessments (PCI DSS, SOC2, ISO27000, etc.) and monitoring remediation actions.
Position: Senior Manager, Information Security, Governance and Compliance
Position Status: Permanent Full Time
Hours of Work: Monday to Friday (Standard business hours)
Department: Information Security
Salary: $120,000 - $130,000
Responsibilities:
- Develop, document, and implement information security procedures to enforce compliance with information security standards and policies.
- Manage a comprehensive monitoring program to identify vulnerabilities, detect security breaches or attempts, and verify compliance with standards and policies.
- Partner with the IT team to ensure security best practices are being applied and that security risks are identified and remediated.
- Audit, validate, and facilitate adherence to policies, standards, and procedures in line with ISO 27001 mandates.
- Lead compliance and IT regulation audits including but not limited to PCI-DSS, ISO27000, SOC2, and internal/client audits.
- Make improvement recommendations to managers at all levels to ensure compliance with laws, standards, and policies while managing cyber security risks.
- Manage relationships with third-party providers of services to the firm. Responsibilities include negotiation of contract language and evaluation of third-party risk related to privacy and security practices.
- Oversee the development and implementation of hardening procedures for the firm’s servers, desktops, laptops, mobile devices, and cloud services.
- Maintain significant knowledge of cyber threat actors, attack methodologies, and mitigation/remediation methods.
Education Requirements:
Certification/Degree or equivalent experience in Computer Information Systems
Certification required:
CISSP
Other Education/Certification/Training preferred:
Relevant Industry Certifications such as GIAC, PCIP, CISA, CISM, PCI ISA
Work Experience Requirements:
- A minimum of 10 years progressive experience in information security
- 5+ years of experience in assessments of controls required for PCI-DSS compliance
- 4+ years of experience in SSAE16 (SOC) audits
- 4+ years of experience in Network Security administration
- 4+ years of experience with security/hardening controls
- 4+ years evaluating security risks & adopting appropriate risk treatment strategies
- 4+ years of experience in managing cloud security
- 4+ years of experience in managing security incidents, system vulnerabilities and threat management programs
- In-depth knowledge of access control systems and methodology
Other Requirements:
- Successful candidates are required to undergo a Credit and Criminal Background Check
- Successful candidates are required to sign a non-disclosure agreement (NDA) specific to the sensitive information accessed by this team
- Excellent communication in English, both verbally and in writing
Diversity. Equity. Inclusion.
Unleashing the power of being unique.
We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, color, sex, religion, national origin, disability, pregnancy, marital status, sexual orientation, gender reassignment, veteran status, or other protected category.
At NTT what you do matters. Because here YOU can.