CrawlJobs Logo

Information Security Governance, Risk and Compliance Specialist

nttdata.com Logo

NTT DATA

Location Icon

Location:

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

The Information Security Governance, Risk and Compliance (GRC) Specialist is a seasoned subject matter expert, responsible for supporting the organization's information security program by assessing risks, implementing security controls, ensuring compliance, managing security awareness initiatives, and contributing to policy development. This role collaborates with internal teams to enhance security practices and maintain a strong security posture.

Job Responsibility:

  • Assists in conducting risk assessments and vulnerability assessments
  • Contributes to the development and maintenance of security policies and procedures
  • Collaborates with internal stakeholders to ensure compliance with industry standards and regulations
  • Participates in security awareness and training initiatives
  • Supports incident response activities and investigations as required
  • Monitors and reports on security compliance metrics
  • Assists in the implementation of security controls and best practices
  • Stays updated with emerging security threats and trends
  • Performs any other related task as required

Requirements:

  • Bachelor’s degree or equivalent in Information Technology or Computer Science degree or related field
  • Security certifications such as CISA, CRISC, COBIT, IIA or equivalent preferred
  • Certifications such as Lead audit/Implementer - ISO 27001, SOC TSP desirable
  • Seasoned experience in information security or related roles
  • Seasoned exposure to risk assessment, compliance, security awareness, or policy development is beneficial
  • Seasoned familiarity with information security frameworks and standards
  • Seasoned understanding of risk assessment methodologies, compliance, and policy development
  • Strong communication and interpersonal skills for effective collaboration
  • Strong attention to detail and ability to follow established processes
  • Seasoned project management skills for coordinating security initiatives

Additional Information:

Job Posted:
March 01, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Icon
NTT DATA - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Information Security Governance, Risk and Compliance Specialist

Senior Information Security Specialist

As a Senior Information Security Specialist, you will play a critical role in pr...
Location
Location
United States , Clarksburg
Salary
Salary:
Not provided
imts.us Logo
Innovative Management & Technology Services
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent experience
  • Minimum 7 years of experience in information security, IT risk management, or related roles, preferably in federal or state government environments
  • Strong knowledge of federal cybersecurity frameworks including NIST SP 800-53, OWASP Top 10, DISA STIGs, and Common Criteria
  • Hands-on experience with networking concepts, system administration, and software development practices
  • Proficiency in using Splunk or comparable SIEM tools for security event monitoring, audit log analysis, and incident response
  • Experience working within Agile or Scaled Agile Framework (SAFe) teams and integrating security in fast-paced development environments
  • Excellent communication skills with the ability to convey complex security concepts to technical and non-technical audiences
  • Active Top Secret clearance is required
  • U.S. Citizenship is required
Job Responsibility
Job Responsibility
  • Lead comprehensive reviews of management, operational, personnel, and technical security controls to verify their effectiveness during all phases of the system lifecycle
  • Identify, evaluate, and mitigate technical and operational security risks, threats, vulnerabilities, and weaknesses across diverse information systems
  • Drive compliance efforts with government standards and industry best practices, including NIST, OWASP, Common Criteria, DISA, and SANS Institute guidelines
  • Collaborate within Agile development teams to integrate security throughout the software development lifecycle, supporting secure design, testing, and deployment
  • Utilize hands-on expertise in networking, system administration, and software development to analyze security impacts and recommend improvements
  • Oversee audit log reviews and system alerting using Splunk or similar SIEM platforms to detect, investigate, and respond to security incidents
  • Communicate security findings clearly and effectively to technical teams and leadership, fostering a culture of security awareness and continuous improvement
What we offer
What we offer
  • competitive compensation
  • excellent benefits including tuition reimbursement and employer-contributed 401K
  • referral bonuses
  • Fulltime
Read More
Arrow Right

Security Vetting Specialist

We are seeking a Security Vetting Specialist to support and process Bulgarian Go...
Location
Location
Bulgaria , Sofia
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Prior knowledge and experience with Bulgarian government security vetting
  • at least 1 year in a similar role is an advantage
  • Understanding of EU GDPR and the Personal Data Protection Act (PDPA)
  • Background in roles requiring strict confidentiality and secure handling of sensitive information
  • University degree preferred
  • Ability to develop effective working relationships with colleagues, partners, and authorities
  • Professionalism in handling adversarial or sensitive situations
  • Strong risk identification and evaluation skills, with capacity for proportionate action
  • Ability to interpret and apply regulations and guidance to specific activities
  • Skilled in the use of IT packages, systems, and databases
Job Responsibility
Job Responsibility
  • Provide support and process all types of security vetting required by the Bulgarian Government, EU, and NATO (new applications, transfers, extensions, renewals)
  • Liaise with the Bulgarian Government, particularly the State Commission on Information Security (SCIS), and other security authorities as appropriate
  • Support the business with advice and guidance in coordination with Government Security Services (GSS)
  • Maintain physical and electronic vetting records, ensuring timely renewals
  • Manage record keeping and control of Aftercare Incident Reporting
  • Attend internal and external stakeholder meetings
  • Assist applicants and act as SME in collating required documentation for the clearance process, including questionnaires, consents, diplomas, certificates, official notes, medical documentation, and notarized declarations, as mandated by Bulgarian law.
What we offer
What we offer
  • Comprehensive suite of benefits that supports physical, financial, and emotional wellbeing
  • Specific programs for personal and professional development
  • Flexibility to manage work and personal needs
  • Inclusive culture that celebrates individual uniqueness.
  • Fulltime
Read More
Arrow Right

Security Program Specialist II

At WHOOP, we're on a mission to unlock human performance and healthspan. WHOOP e...
Location
Location
United States , Boston
Salary
Salary:
85000.00 - 135000.00 USD / Year
whoop.com Logo
Whoop
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2–4 years of professional experience in a security, privacy, compliance, or technical support role
  • Familiarity with security and privacy concepts such as vulnerability reporting, data protection, and regulatory compliance (SOC 2, GDPR, etc.)
  • Strong organizational skills with the ability to coordinate across multiple teams and stakeholders
  • Technical aptitude to perform basic analysis of security reports (e.g., reviewing proof-of-concept exploits, testing reproduction steps)
  • Excellent written and verbal communication skills, with the ability to explain technical issues to non-technical stakeholders
  • Interest in growing your career in either engineering (security/product) or information security (governance, risk, and compliance)
Job Responsibility
Job Responsibility
  • Triage and evaluate bug bounty submissions, escalating valid vulnerabilities to engineering for remediation and coordinating response
  • Perform level 1 troubleshooting for member-reported privacy or security concerns, ensuring issues are routed appropriately
  • Coordinate responses to auditor and regulator requests, including gathering SOC and compliance evidence
  • Partner with Product Security Engineers to organize and document threat modeling sessions, leaning on technical experts for deep technical details
  • Track and communicate the status of security issues, ensuring timely follow-up and resolution
  • Support process improvements to make WHOOP’s security and privacy operations more efficient
  • Develop, maintain, and track KPIs that measure the effectiveness of product security programs and provide visibility into team performance and risk reduction
  • Work closely with software teams across the department to adopt and rollout new tooling and security process changes
What we offer
What we offer
  • equity
  • benefits
  • Fulltime
Read More
Arrow Right

Information Assurance Specialist

The Information Assurance/Security Engineer will provide security engineering an...
Location
Location
United States , Bethesda
Salary
Salary:
Not provided
anavationllc.com Logo
AnaVation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active TS/SCI Clearance with CI Polygraph
  • Bachelor’s degree in Network Engineering, Computer Science or related technical field plus 5-7 years of Cyber Security/Operations support
  • DoD 8140 IAT Level II Certification (CCNA-Security, CySA+, CND, Security+)
  • Documenting network schemas and cyber operation tool solutions
  • Knowledgeable regarding compliance with: ICD 503, FISMA, OMB, NIST, and DoD (8150.01 March 12, 2014) [Risk Management Framework and Cyber Network Defense…], and other mandated security regulations and standards
  • Knowledge and experience with managing and monitoring compliance with Privileged User Access (PUA), Data Transfer Access (DTA), and Removable Media Custodian (RMC) privileges, forms, and signatures
  • Support to vulnerability management, patching, information assurance and/or ATO process for Classified DoD or IC environments
  • Demonstrated documentation writing for security plans, tests, and reports
  • Must demonstrate strong teamwork, communication (both verbal and written), and presentation skills
  • Must demonstrate strong initiative to accept new technical challenges in complex security engineering assignments
Job Responsibility
Job Responsibility
  • Provide security engineering and information assurance support to the Government’s Assessment and Authorization (A&A) process to maintain Authority to Operate (ATO) and Authority to Connect (ATC) for mission applications and services
  • Designs, develops, monitors and documents security controls, security testing, security reporting, and plan of actions and milestones (POA&Ms) throughout systems and application lifecycles in support of mission systems
  • Provides security engineering design inputs, security design reviews, and security best practices as part of technical and change requests
  • Configures and validates secure systems, physical controls, and tests security products and systems to detect security weaknesses
  • Maintains XACTA security records for supported systems
What we offer
What we offer
  • Generous cost sharing for medical insurance for the employee and dependents
  • 100% company paid dental insurance for employees and dependents
  • 100% company paid long-term and short term disability insurance
  • 100% company paid vision insurance for employees and dependents
  • 401k plan with generous match and 100% immediate vesting
  • Competitive Pay
  • Generous paid leave and holiday package
  • Tuition and training reimbursement
  • Life and AD&D Insurance
  • Fulltime
Read More
Arrow Right

Chief Information Security Officer

The Chief Information Security Officer (CISO) is responsible for establishing an...
Location
Location
Romania , Bucharest
Salary
Salary:
Not provided
https://www.inetum.com Logo
Inetum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 10 years of experience in a combination of risk management, information security, and IT or operational development functions (at least five years in a senior management leadership role)
  • Proven experience in a senior information security role
  • Strong understanding of cybersecurity frameworks and best practices
  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists
  • Ability to lead and motivate the information security team to achieve tactical and strategic goals, even when only 'dotted line' reporting lines exist
  • Ability to set up and develop a network
  • Relevant certifications (e.g., CISSP, CISM) are a plus
  • Proficient in English
Job Responsibility
Job Responsibility
  • Establish and maintain the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected
  • Lead the development and implementation of a comprehensive cybersecurity program, manage IT risk, and ensure compliance with regulatory requirements
  • Foster a collaborative environment and ensure effective communication across teams
  • Provide strong leadership and manage multiple missions simultaneously
  • Involve in strategic planning and make informed decisions to support the organization's goals
  • Define and promote the entity's cybersecurity governance, including cyber fraud, according to the group framework
  • Emphasize IT risk management and ensure the security of IT production
  • Work closely with the other teams to conduct entity-wide cybersecurity projects and provide expertise
  • Assist and manage cyber crises to minimize impact on the organization
  • Report on the entity's cybersecurity and IT risks to senior management and stakeholders
What we offer
What we offer
  • Full access to foreign language learning platform
  • Personalized access to tech learning platforms
  • Tailored workshops and trainings to sustain your growth
  • Medical subscription
  • Meal tickets
  • Monthly budget to allocate on flexible benefit platform
  • Access to 7 Card services
  • Wellbeing activities and gatherings
  • Fulltime
Read More
Arrow Right

Data and Credit Bureau Attributes Specialist Consumer Credit Risk

The Data & Credit Bureau Attributes Specialist (AVP) - Consumer Credit Risk is r...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in a relevant field (e.g., finance, risk management, information technology)
  • Experience in designing and implementing data governance frameworks that align with regulatory standards
  • Experience with data controls, summarization, and transformation in a credit risk context
  • Experience with modern data integration tools, cloud platforms, and emerging AI technologies
  • Experience in SAS, SAS/Stat, SQL
  • Strong financial management skills with experience managing large-scale data projects
Job Responsibility
Job Responsibility
  • Develop and enforce a governance framework that ensures the accuracy, security, and quality of data throughout its lifecycle
  • Oversee the transformation of raw and disparate data sets into actionable insights that support strategic and tactical decision-making within credit risk frameworks
  • Lead the end-to-end delivery process for building, testing, and deploying data pipelines
  • Ensure that all data driving regulatory reporting is accurate, timely, and adheres to compliance standards
  • Engage with senior stakeholders across Risk, IT, Compliance, and Business units
  • Lead innovation efforts that enhance the automation, scalability, and efficiency of data integration and controls
  • Fulltime
Read More
Arrow Right

TPRM Specialist

A highly motivated and hands-on professional to join the Supply Chain Security (...
Location
Location
Netherlands , Amsterdam
Salary
Salary:
Not provided
levy-professionals.com Logo
Levy Professionals
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Knowledge and experience with setting up projects & deliverables within supply chain security / Third-Party Risk Management (TPRM)
  • Proven experience in executing information security risk assessments
  • Knowledgeable on one or more areas such as security processes, technology architectures, network security, application security, and vulnerability management
  • Experience with the ServiceNow TPRM module is a significant advantage
  • HBO or University degree
  • Excellent stakeholder management skills
  • A strong ability to translate technical risks into business risks and vice versa
  • Hands-on, self-organised, willing to finish and deliver (execution power)
  • Service-oriented professional who enjoys taking on an internal consultancy role
  • The working language within the team is English
Job Responsibility
Job Responsibility
  • Govern and manage IT vendor relationships concerning performance on the security aspects of underlying contractual obligations
  • Execute Vendor Security Risk Assessments and perform necessary follow-up actions, focusing on material risks
  • Ensure that information security risks are identified and managed effectively throughout all stages of the relationship with external vendors
  • Review the applicability and quality level of assurance reports issued by third parties
  • Manage the IT security-related part of vendor contracts, working closely with 2nd line functions such as legal, compliance, and procurement on contractual changes
  • Actively stay up-to-date with emerging cyber security trends, risk, and threat developments, and share this knowledge to help integrate them into the assessment program
  • Help solve security-related questions, take initiative, and escalate in time if needed
  • Signal improvements related to the way of working inside the team and contribute to improving the excellence of the service offering
  • Work according to the DevOps & Agile methodology, improving Supply Chain Security services based on user stories
  • Occasionally investigate and resolve incidents as they occur
Read More
Arrow Right

Information Security Governance Specialist

iCapital is looking to hire a Vice President Information Security Governance Spe...
Location
Location
United States , Greenwich; New York
Salary
Salary:
150000.00 - 180000.00 USD / Year
icapital.com Logo
iCapital Network
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7-10 years of experience in information security governance, compliance, or risk management in a financial service, fintech, or technology-driven environment
  • Bachelor’s degree in information security, risk management, or a related field
  • Strong written and verbal communication skills
  • Excellent analytical and problem-solving skills
  • Able to manage multiple priorities and deadlines in a fast-paced environment
  • Comfortable engaging with senior leaders
  • Knowledge of cybersecurity frameworks (ISO, CIS, NIST, SOC 2) and audit processes
  • CISM, CRISC, or CISSP certifications are preferred
Job Responsibility
Job Responsibility
  • Assist in authoring, maintaining, and updating security governance policies and standards to align with industry frameworks and management direction
  • Evaluate the organization’s information security program against common frameworks (e.g., ISO 27001, CIS, NIST 800-53, SOC 2) and applicable regulations (e.g., NYDFS, DORA, FFIEC, GDPR)
  • Identify gaps and recommend control enhancements to align with compliance requirements
  • Review and negotiate information security sections of client and vendor contracts in partnership with the Legal team
  • Ensure contractual obligations meet internal security standards, regulatory expectations, and reasonability
  • Collaborate with Technology, Information Security, and Risk teams to design, document, and enhance security controls for infrastructure, applications, and data
  • Coordinate responses for internal and regulatory audits for information security team
What we offer
What we offer
  • Equity for all full-time employees
  • Annual performance bonus
  • Employer matched retirement plan
  • Generously subsidized healthcare with 100% employer paid dental, vision, telemedicine, and virtual mental health counseling
  • Parental leave
  • Unlimited paid time off (PTO)
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy