Information Security Risk and Compliance Advisor

India, Noida · Job Posted June 03, 2026

Job Description

The NTT DATA Services Security Analysis Specialist Advisor works to ensure the seamless delivery of all information security services that NTT DATA provides to the customer. This is an individual contributor role in which the person acts as a trusted information security partner with the customer and works collaboratively to understand, anticipate and recommend risk mitigation while promoting the overall information security protection for the customer’s information assets. You will partner with the client to align information security with the customer’s business strategy, security policies, and regulatory and compliance requirements, resulting in increased protection and reduced risk.

Job Responsibility

  • Ensure the delivery of information security services to the customer in compliance with the contract and any applicable standards and regulatory requirements (e.g., PCI, SOX)
  • Assist the client in the definition and implementation of information security policies, strategies, procedures and settings to ensure confidentiality, integrity and availability of the client’s environment and data
  • Participate with the customer in the strategic design process to translate security and business requirements into processes and systems
  • Evaluate new and emerging security products and technologies and make recommendations to customer leadership with regard to the security posture impact on the organization
  • Identify, review and recommend information security improvements as they relate to the achievement of the customer’s business goals and objectives
  • Participate in internal and external audits for the customer (e.g., SOX, PCI) and coordinate information security services activities
  • Drive remediation efforts related to information security
  • Remediation may arise from incidents, penetration tests, vulnerability scans, internal/external audits and Critical Practice assessments
  • Identify information security weaknesses and/or gaps in the customer’s current operations and work with the customer to bring information security operations up to standards
  • Participate and represent IT Security in Delivery/Operational meetings
  • Review service management reports to ensure tickets (i.e., incidents, problems, requests, changes), related to information security, are being acknowledged, worked and Service Level Agreements are being met
  • Provide direction on ticket remediation and ensure remediation is complete

Requirements

  • 10+ years of relevant experience
  • Knowledge of standards / regulations impacting information security (e.g., PCI, HIPAA, SOX)
  • Applied knowledge of risk management concepts
  • Experience with information security internal & external audits, contract compliance, and quality initiatives

Nice to have

  • At least one of the following certifications: CISSP, SSCP, CISM, CEH
  • Undergraduate or graduate degree
  • Customer relationship management experience at the senior level
  • Strong knowledge of systems and network administration (i.e., desktop, server)
  • Knowledge and application of Globally Accepted Information Security Principles
  • Strong knowledge of network security that pertains to communications, computer system environments and related infrastructures
  • Thorough knowledge of server and desktop configurations that will protect systems from unauthorized access and software invasion

Similar Jobs for Information Security Risk and Compliance Advisor

8 matching positions

Information Security Officer

The Information Security Technology Lead Analyst is a senior level professional ...
Location: United Kingdom, Belfast
Salary: Not provided
Company: Citi (https://www.citi.com/)
Expiration Date: Until further notice
Requirements
  • Proven relevant experience
  • Advanced proficiency with Microsoft Office tools and software
  • Consistently demonstrates clear and concise written and verbal communication
  • Established influencing and relationship management capabilities that contribute to strategic alignment and execution
  • Proven analytical skills and a strong sense of curiosity, with the ability to uncover the root causes and understand the true nature of complex security and risk issues
  • Familiarity with enterprise technologies including cloud platforms, APIs, identity management, and data protection practices
  • Demonstrated knowledge of secure design principles and security frameworks.
Job Responsibility
  • Identify opportunities to automate and standardize information security controls for the supported groups
  • Support technical and business teams to resolve any vulnerabilities or issues detected in an application or infrastructure
  • Act as a trusted advisor to business and technology teams, providing pragmatic guidance on cybersecurity risks, controls, and requirements
  • Translate technical security concepts into business-relevant language to inform leadership decisions and drive action
  • Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions
  • Direct the development and delivery of secure solutions by coordinating with business and technical contacts
  • Participate in information security assessments across applications, infrastructure, and business processes, ensuring that non-compliant items are addressed in coordination with relevant stakeholders
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency
  • Contribute to the growth of less technical colleagues through knowledge-sharing, contextual guidance, and translating complex security concepts into practical understanding.
What we offer
  • Competitive base salary (which is annually reviewed)
  • 27 days annual leave (plus bank holidays)
  • A discretionary annual performance-related bonus
  • Private Medical Care & Life Insurance
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Access to an array of learning and development resources.
  • Fulltime

Senior Information Security Consultant (QSA)

PGI is a global consultancy that helps organisations build digital resilience. W...
Location: United Kingdom, London
Salary: Not provided
Company: Protection Group International (pgitl.com)
Expiration Date: Until further notice
Requirements
  • Proven relationship management skills and experience in Information Assurance consultancy
  • Qualified Security Assessor (QSA) experience with valid PCI-DSS QSA accreditation with a minimum of 2 years of experience performing PCI DSS compliance consultancy
  • Familiarity with PCI DSS and NIST CSF
  • Experience in conducting risk assessments, cyber security maturity evaluations, and remediation strategies
  • Strong communication skills, able to present to clients and senior stakeholders
  • A collaborative, solutions-oriented mindset with excellent time-management skills
Job Responsibility
  • Provide expert guidance to clients, supporting both pre-sales and delivery, and establishing trusted advisor relationships to drive compliance and security improvements
  • Lead and deliver hands-on PCI DSS compliance consultancy, performing assessments, gap analyses, and remediation strategies tailored to client needs
  • Act as a subject matter expert in PCI DSS compliance and Governance, Risk, and Compliance (GRC), advising clients on regulatory compliance, risk management, and information security best practices
  • Contribute to PGI’s consultancy growth by aligning services with emerging trends and industry standards. Drive PGI’s accreditations and assist with maintaining ISO 27001, PCI DSS and data protection compliance
  • Mentor junior team members, contribute to the recruitment process, and oversee third-party relationships to ensure project profitability and delivery quality
  • Stay ahead of industry trends, emerging security threats, and best practices to maintain professional growth and continuously improve PGI’s consultancy offerings

Senior Information System Security Officer

We are seeking a highly skilled and mission-driven Senior Information Systems Se...
Location: United States, Clarksburg
Salary: Not provided
Company: Innovative Management & Technology Services (imts.us)
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a related field (or equivalent combination of education and experience)
  • 8+ years of progressive experience in information systems security, with at least 3 years in a senior-level or lead ISSO role supporting federal or state government agencies
  • Strong working knowledge of: NIST 800-53, RMF, FISMA, OWASP Top 10, and SANS Institute standards
  • SAFe Agile environments and integrating security in Agile workflows
  • Networking, Linux/Windows system administration, and secure software development practices
  • Cloud platforms (AWS, Azure, GCP) and related security tools (e.g., AWS Security Hub, Azure Defender)
  • Experience in managing security documentation, participating in audits, and working with compliance frameworks
  • Relevant certifications such as CISSP, CISM, Security+, CEH, or equivalent
  • Active Top Secret clearance is required
  • U.S. Citizenship is required
Job Responsibility
  • Lead the implementation and maintenance of system security controls in compliance with federal cybersecurity frameworks, including NIST SP 800-53, RMF, OWASP, DISA STIGs, and Common Criteria
  • Oversee the full lifecycle of Authorization to Operate (ATO) processes, including preparation of System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, and risk assessments
  • Serve as a senior security advisor and liaison to system owners, developers, DevOps engineers, and government stakeholders
  • Participate in technical reviews of system architecture and ensure secure design of virtualized and software-defined infrastructures
  • Support integration of security controls into CI/CD pipelines using DevSecOps principles and tools (e.g., Jenkins, GitLab CI, SonarQube, Snyk)
  • Provide security engineering support for modern cloud environments, including AWS, Azure, or Google Cloud Platform, and assess cloud-native security capabilities
  • Conduct vulnerability assessments, interpret scan results from tools like Tenable, Nessus, Splunk, or Qualys, and lead remediation efforts
  • Mentor junior ISSOs and analysts on security policies, best practices, and tool usage
  • Ensure continuous monitoring activities are aligned with organizational risk tolerance and compliance goals
What we offer
  • competitive compensation
  • excellent benefits including tuition reimbursement and employer-contributed 401K
  • referral bonuses
  • Fulltime

Account Security Officer

HPE Operations is our innovative IT services organization. It provides the exper...
Location: India, Bangalore
Salary: Not provided
Company: Hewlett Packard Enterprise (https://www.hpe.com/)
Expiration Date: Until further notice
Requirements
  • Experience in security policy, process, guidelines & procedures development and in doing security assessments based on industry standards such as ISO27001 and/or NIST
  • Ability to communicate with internal and external senior management confidently and professionally, and to break down complex concepts and issues into easily consumable written and verbal communications
  • High level of autonomy under general direction, and ability to independently complete, as well as lead team in the delivery of complex projects with multiple deliverables and technologies
  • Can demonstrate innovation and thought leadership through problem solving, new ideas, experience, or forward-thinking concepts
  • Strong interpersonal and written communication skills
  • Ability and willingness to travel, also across the countries
  • Ease to communicate at all levels, including management level presentations and summaries
  • Understanding of Cyber and IT security risks, threats and prevention measures
  • Experience in writing technical reports that analyze and interpret results
  • Understanding of security standards and best practices
Job Responsibility
  • Works closely with Managed Services teams to provide HPE’s customer with security governance reports and continuous feedback
  • Strategically aligned with HPE and HPE’s customer’s security initiatives
  • Accountable for all security-related compliance and delivery for the assigned Customer
  • Drives engagement with broader HPE teams to support Customer requirements
  • Actively manages and maintains ownership of cybersecurity risk management
  • Oversees implementation of security-related projects for the assigned Customer
  • Manages new and emerging Customer security policy requirements
  • Key participant in the Change Advisory Board (CAB) for the assigned Customer
  • Owns ongoing management and implementation of Customer-specific Security Incident Response Plan
  • Owns development and ongoing management of Customer-specific Account Security Handbook
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime

Risk & Controls Manager

FloQast is looking for a Risk & Controls Manager to join our growing InfoSec & C...
Location: India, Pune
Salary: Not provided
Company: FloQast (floqast.com)
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree
  • 6+ years of experience in compliance, risk management, information security, or a related field, with SaaS industry experience preferred
  • Strong general compliance expertise, including areas such as privacy, security, and IT general controls
  • Familiarity with compliance frameworks such as ISO, SOC, and SOX standards
  • Strong communication and interpersonal skills, with the ability to collaborate effectively across global teams and time zones
  • Highly organized, detail-oriented, and proactive in identifying and addressing compliance risks
  • Flexible and adaptable in a high-growth, fast-paced environment
Job Responsibility
  • Serve as a risk and controls advisor for FloQast’s India operations, acting as an internal resource for compliance-related questions and initiatives
  • Support FloQast’s security and compliance programs by ensuring adherence to applicable ISO, SOC, and SOX standards
  • Collaborate with internal stakeholders to review, maintain, and align documentation, policies, and procedures with audit and regulatory expectations
  • Conduct and document compliance impact assessments, covering risk, privacy, and AI considerations to support organizational decision-making
  • Assist with the intake and evaluation of product roadmap changes, customer success initiatives, and consulting partner engagements to identify potential compliance risks and propose mitigations
  • Coordinate vendor reviews and assist with procurement needs in support of third-party risk management activities
  • Evaluate and track control objectives specific to India operations, ensuring alignment with enterprise compliance frameworks
  • Respond to compliance-related inquiries from internal teams with clear, actionable guidance
  • Oversee resiliency risk for FloQast’s India operations, ensuring readiness for potential business disruptions and alignment with enterprise business continuity practices
  • Assist with business continuity planning activities, including maintaining documentation and supporting periodic plan reviews
  • Fulltime

Head of Security and Compliance

The Head of Security and Compliance will be responsible for building and leading...
Location: United States
Salary: Not provided
Company: Eight Sleep (eightsleep.com)
Expiration Date: Until further notice
Requirements
  • 8-10+ years of experience in security engineering, with deep expertise in mobile app security, IoT device security, or cloud infrastructure security
  • Proven expertise in cybersecurity, cloud infrastructure security (AWS), IoT device security, and corporate risk management
  • Experience in consumer technology, health tech, or regulated industries is highly desirable
  • Strong knowledge of compliance standards (SOC 2, ISO 27001, HIPAA, GDPR, etc.)
  • Excellent communication and stakeholder management skills
  • Ability to balance risk with business agility in a fast-paced startup environment
Job Responsibility
  • Oversight and implementation, operation and monitoring of information security tools and processes in customer production environments
  • Responsible for conducting IT risk assessments, documenting identified threats and maintaining risk register
  • Communicates information security risks to executive leadership
  • Reports information security risks annually to Eight Sleep leadership and gains approvals to bring risks to acceptable levels
  • Define and own Eight Sleep’s end-to-end security strategy across cloud, product, corporate, and customer environments
  • Serve as the primary security advisor to the executive team—translating risk into clear business decisions and helping set the company’s security posture and risk tolerance
  • Build and scale Eight Sleep’s security program, including roadmap, processes, metrics, and future team structure
  • Oversee security architecture and practices for software, cloud infrastructure, connected devices (IoT), and data storage
  • Ensure compliance with security frameworks (e.g., SOC 2, GDPR, HIPAA)
  • Lead vulnerability management, threat detection, and incident response
What we offer
  • Equity participation
  • Periodic equity refreshments based on performance
  • Every Eight Sleep employee receives a Pod
  • Fulltime

Security Consultant

BluBiz Solutions is currently seeking an experienced Security Consultant to prov...
Location: Australia, Melbourne
Salary: Not provided
Company: BluBiz Solutions (blubiz.com.au)
Expiration Date: Until further notice
Requirements
  • Minimum 5 years of relevant IT, Assurance, Risk Management, or Cybersecurity support experience
  • Experience in Implementation of information security industry standards (ISO27001, PCIDSS) and other best practice frameworks for Enterprise clients
  • Proven experience in conducting security assessments such as VAPT evaluation, and documentation of client environment, infrastructure, processes, and operations
  • Ability to influence technical and management leaders to achieve the best Cyber Security outcomes
  • Extensive knowledge of security frameworks such as TOGAF, ISO-27001, NIST, HIPAA and PCI
  • Demonstrate the ability to translate business needs into architecture requirements
  • Strong business and risk analysis skills to drive security outcomes
  • Experience in architecting enterprise network and security solutions
  • Experience in working with one or multiple vendor solutions such as Cisco, Fortinet, Palo Alto
  • Strong client-facing skills with the ability to build relationships
Job Responsibility
  • Provide consultancy to clients on information security and architectural decisions
  • Be a trusted advisor and lead for delivery of cybersecurity and risk consulting client engagements that will include governance, risk and compliance reviews
  • Assist in driving growth of Cybersecurity and Risk practice through building solutions, and leading proposal development
  • Develop and deliver security strategy, architecture, and design for BluBiz clients
  • Deliver technical presentations tailored for technical and non-technical audiences from IT manager, executive and C-Level
  • Develop high-level and detailed security requirements relating to new opportunities
  • Prepare overall solution design, architecture, and implementation plan
  • Provide technical leadership to enterprise customers through a range of presales support functions including, supporting product evaluations, pre-sales technical consultation, post-sales support advocacy, and proactive needs analysis
  • Assist with networking and security solutions, product plans and roadmaps

Security Governance Analyst

As a Technology Security Governance Analyst, you will support and manage element...
Location: United Kingdom, London
Salary: Not provided
Company: Fortnum & Mason (fortnumandmason.com)
Expiration Date: Until further notice
Requirements
  • Experience of security and compliance standards frameworks such as ISO 27001, ISO 22301, GDPR, PCI-DSS, NIST, and ACPO guidelines
  • Understanding of UK legal frameworks including the Data Protection Act and Computer Misuse Act
  • Understanding of Microsoft infrastructure including Windows Server Administrator, Active Directory AAD Administrator, Group Policy, and Microsoft 365 services and Azure Cloud resource management
  • Microsoft SQL Server
  • PowerShell scripting
  • Identity & Access Management (IAM), Expertise in Microsoft Entra ID (formerly Azure AD), role-based access control (RBAC), and multi-factor authentication (MFA)
  • Cloud Security, Experience securing Azure environments, including Microsoft Defender for Cloud, Sentinel, and compliance frameworks like PCIDSS
  • Threat Protection & Incident Response: Ability to identify vulnerabilities, implement threat protection, and respond to security incidents
  • Patch Management & Endpoint Security: Understanding of patching, the importance of regular updates, and endpoint protection across Windows and Azure environments
  • Familiarity with backup and disaster recovery tools and practices
Job Responsibility
  • Own and manage the process for third party information security assurance to ensure that ongoing security assessments are undertaken and that contractual agreements reflect information security requirements
  • Support information security awareness throughout the organisation including managing phishing awareness campaigns and delivering and supporting training and awareness to specific user groups
  • Support management and investigation of any information security incidents including ensuring that incident logs are maintained, and any actions / lessons learned are addressed
  • Support Fortnum & Mason’s PCI compliance program, including ensuring evidence of compliance is collated and maintained and undertaking audit checks within stores
  • Manage the process for Information Security Risk Management to ensure that all information security risks are owned and documented and remediated to an agreed and accepted level
  • Support the process for project engagements to ensure that Information Security requirements are defined for each project, Architectural design documents are reviewed to ensure appropriate controls are in place and testing and acceptance processes are in place to ensure that agreed controls have been implemented
  • Serve as a hands-on Security Analyst, proactively identifying opportunities for improvement and delivering security enhancements to our systems
  • Collaborate with partners to ensure the security of the Cisco Meraki network, taking an initiative-taking stance in mitigating risks and initiative-taking patch management
  • Assist with internal and external vulnerability assessments, working with security partners to maintain PCIDSS compliance, overcome security challenges, and drive continuous improvements aligned to the NIST framework/ISO271002 standards
  • Report and review our secure device imaging using Microsoft Intune & Autopilot, ensuring a standardized, scalable, and resilient setup for retail, hospitality POS, and all corporate end user devices
What we offer
  • A generous store and restaurant discount of up to 40%
  • 25 days holidays (excluded bank holidays) and an extra day off for your birthday
  • A fantastic subsidised staff restaurant which uses Fortnum’s ingredients
  • A range of opportunities to develop and grow personally and professionally
  • Excellent pension scheme
  • Fulltime