
Senior Information Security Governance, Risk and Compliance Specialist

· Job Posted March 01, 2026

Job Description

The Senior Information Security Governance, Risk and Compliance (GRC) Specialist will oversee the organization's information security program, focusing on governance, risk management, compliance, and policy management. The role requires advanced experience in information security, leading risk assessments, and developing security policies. A bachelor's degree in Information Technology or Computer Science is required, along with relevant security certifications. This position is on-site and offers an opportunity to make a significant impact in a leading technology services company.

Job Responsibility

  • Leads risk assessments and gap analyses to identify vulnerabilities and recommends risk mitigation strategies
  • Develops and maintains security policies, standards, and procedures
  • Collaborates with legal and compliance teams to ensure adherence to regulatory requirements
  • Provides guidance and support to junior GRC team members
  • Assists in the creation and delivery of security awareness and training programs
  • Participates in security incident response activities as needed
  • Contributes to the continuous improvement of the information security program
  • Assists in policy management and refinement
  • Performs any other related task as required

Requirements

  • Bachelor’s degree or equivalent in Information Technology, Computer Science, or a related field
  • Security certifications such as CISA, CRISC, COBIT, IIA or equivalent preferred
  • Certifications such as Lead Auditor/Implementer - ISO 27001, SOC TSP preferred
  • Advanced experience in information security, including GRC-related roles
  • Advanced experience in leading risk assessments, compliance efforts, security awareness initiatives, and policy management
  • Advanced understanding of information security frameworks and standards
  • Advanced proficiency in conducting risk assessments, analyzing security controls, and policy management
  • Excellent communication and interpersonal skills for collaborating with various stakeholders
  • Strong project management skills for handling security initiatives
  • Advanced familiarity with legal and compliance aspects related to information security


Similar Jobs for

Senior Information Security Governance, Risk and Compliance Specialist

8 matching positions

Senior Information Security Specialist

As a Senior Information Security Specialist, you will play a critical role in pr...
Location
United States, Clarksburg
Salary
Not provided
Innovative Management & Technology Services
Expiration Date
Until further notice
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent experience
  • Minimum 7 years of experience in information security, IT risk management, or related roles, preferably in federal or state government environments
  • Strong knowledge of federal cybersecurity frameworks including NIST SP 800-53, OWASP Top 10, DISA STIGs, and Common Criteria
  • Hands-on experience with networking concepts, system administration, and software development practices
  • Proficiency in using Splunk or comparable SIEM tools for security event monitoring, audit log analysis, and incident response
  • Experience working within Agile or Scaled Agile Framework (SAFe) teams and integrating security in fast-paced development environments
  • Excellent communication skills with the ability to convey complex security concepts to technical and non-technical audiences
  • Active Top Secret clearance is required
  • U.S. Citizenship is required
Job Responsibility
  • Lead comprehensive reviews of management, operational, personnel, and technical security controls to verify their effectiveness during all phases of the system lifecycle
  • Identify, evaluate, and mitigate technical and operational security risks, threats, vulnerabilities, and weaknesses across diverse information systems
  • Drive compliance efforts with government standards and industry best practices, including NIST, OWASP, Common Criteria, DISA, and SANS Institute guidelines
  • Collaborate within Agile development teams to integrate security throughout the software development lifecycle, supporting secure design, testing, and deployment
  • Utilize hands-on expertise in networking, system administration, and software development to analyze security impacts and recommend improvements
  • Oversee audit log reviews and system alerting using Splunk or similar SIEM platforms to detect, investigate, and respond to security incidents
  • Communicate security findings clearly and effectively to technical teams and leadership, fostering a culture of security awareness and continuous improvement
What we offer
  • competitive compensation
  • excellent benefits including tuition reimbursement and employer-contributed 401K
  • referral bonuses
  • Fulltime

Data and Credit Bureau Attributes Specialist Consumer Credit Risk

The Data & Credit Bureau Attributes Specialist (AVP) - Consumer Credit Risk is r...
Location
India, Mumbai
Salary
Not provided
Citi
Expiration Date
Until further notice
Requirements
  • Bachelor's degree in a relevant field (e.g., finance, risk management, information technology)
  • Experience in designing and implementing data governance frameworks that align with regulatory standards
  • Experience with data controls, summarization, and transformation in a credit risk context
  • Experience with modern data integration tools, cloud platforms, and emerging AI technologies
  • Experience in SAS, SAS/Stat, SQL
  • Strong financial management skills with experience managing large-scale data projects
Job Responsibility
  • Develop and enforce a governance framework that ensures the accuracy, security, and quality of data throughout its lifecycle
  • Oversee the transformation of raw and disparate data sets into actionable insights that support strategic and tactical decision-making within credit risk frameworks
  • Lead the end-to-end delivery process for building, testing, and deploying data pipelines
  • Ensure that all data driving regulatory reporting is accurate, timely, and adheres to compliance standards
  • Engage with senior stakeholders across Risk, IT, Compliance, and Business units
  • Lead innovation efforts that enhance the automation, scalability, and efficiency of data integration and controls
  • Fulltime

Senior Analyst – Security Operations Center, Operations Technology

Are You Ready to Make It Happen at Mondelēz International? Join our Mission to L...
Location
Philippines
Salary
Not provided
RemotivateJobs
Expiration Date
Until further notice
Requirements
  • Information security, compliance and risk management
  • Security solutions and their applicability to Mondelēz International
  • Security strategies, awareness campaigns, policies/standards and governance
  • Communicating effectively with technical specialists, leaders and peers
  • Analytical and problem-solving abilities
  • Being a team player by supporting and leading to achieve common goals
Job Responsibility
  • Assess information security risks in line with internal policy and external best practices
  • Support the security of information and IT assets by testing security systems and applying security standards, policies, and procedures
  • Under the guidance of the global information security lead, implement cyber security technology and provide day-to-day business support
  • Manage third-party providers to ensure that any internal or third party adheres to standards
  • Provide information security training to appropriate teams
  • Fulltime

Data Protection Adviser

As the Data Protection Adviser, you will support the GDPR Compliance Lead to cha...
Location
United Kingdom
Salary
Not provided
Perspective Financial Group Ltd
Expiration Date
Until further notice
Requirements
  • Three or more years of experience in data protection compliance, information governance or related field
  • A degree, relevant certifications (e.g., CISSP, CISM, ISO 27001) or equivalent work-related attainment or experience
  • Strong leadership and decision-making skills, with the ability to manage and mitigate organisational risk
  • Excellent communication skills, capable of translating complex security concepts for technical and non-technical audiences
  • Experience of implementing DPIAs, LIAs, Data Processing and Sharing Agreements
  • Proven experience in developing and implementing policy and strategy in data protection and information governance
  • Expertise in information assurance, risk management, audit, and stakeholder engagement
  • Experience of using Data Security and Protection applications such as Microsoft Purview
  • Excellent verbal and written communication skills, with strong attention to detail
Job Responsibility
  • Support the business for staff members on matters related to information governance and data protection
  • Support the creation and maintenance of company policies that enable compliance with UK GDPR and information governance best practice
  • Regular evaluation of the existing data protection information governance framework to identify areas of no or partial compliance, and rectify any issues, and continuous improvement
  • Develop training and provide advice to staff members on information governance and data protection
  • Promote a culture of data protection compliance and information governance best practice across all areas of the business
  • Carry out day to day UK GDPR and information governance activities
  • Manage and support the response to UK GDPR Data Subject Rights Requests in a timely and compliant manner
  • Support the timely management of data breach incidents and information governance incidents, including carrying out investigations, root cause analysis, MI and managing external reporting where required
  • Monitor and develop training for information governance and data protection
  • Maintain the organisation’s Record of Processing Activities (RoPA), Statement of Applicability (SOA), Retention Schedule and regulatory requirements
What we offer
  • 25 days holiday (rising with length of service) plus Bank Holidays
  • Birthday Leave
  • Holiday Purchase Scheme
  • Life Assurance
  • Pension
  • Corporate Eyecare
  • Extras Discount shopping discounts
  • Cyclescheme
  • Employee Referral Scheme
  • Learning & Development Programme (Perspective Academy)
  • Fulltime

Senior Specialist Technology Governance

The Senior Specialist: Technology Governance plays a crucial role in ensuring th...
Location
South Africa, Bellville
Salary
Not provided
Vodafone
Expiration Date
June 05, 2026
Requirements
  • Bachelor’s degree in Information Technology, Computer Science, Engineering, Business, or a related field
  • Postgraduate qualification (advantageous but not mandatory)
  • COBIT (Foundation / Design & Implementation)
  • ITIL (Foundation or higher)
  • ISO (27001/ 20000-1) certification
  • Analytical & Critical Thinking: Ability to analyse complex governance, risk, and control scenarios and form sound professional judgements
  • Technology Governance Acumen: Strong working knowledge of technology governance frameworks, risk management, and compliance standards
  • Communication & Influence: Ability to engage credibly with senior stakeholders and translate technical assurance concepts into business‑relevant insights
  • Integrity & Independence: Demonstrates objectivity and professional judgement while maintaining effective working relationships
  • Continuous Improvement Mindset: Uses governance as an enabler of operational effectiveness and value delivery
Job Responsibility
  • Conduct governance reviews of technology services, programmes, and vendors
  • Apply established governance frameworks (COBIT, ISO 27001, ITIL) to assess control adherence
  • Identify and document key technology risks, control gaps, and operational vulnerabilities, and remediation plans
  • Partner with Risk and Compliance teams to define mitigation and remediation plans
  • Work closely with technology leaders, risk owners, and external auditors to align on control effectiveness and audit readiness
  • Promote awareness of governance, risk, and compliance principles across the organisation
  • Continuously review governance frameworks and propose improvements for efficiency and transparency
  • Support the implementation and continuous improvement of IT policies and control frameworks
  • Ensure all technology domains (infrastructure, applications, data, cybersecurity, and vendor management) have effective control coverage
  • Track and report control performance metrics and compliance scores
  • Fulltime

Cybersecurity & Access Management – Senior Specialist

Lead the design, implementation, and continuous strengthening of cybersecurity p...
Salary
Not provided
HiRemoters
Expiration Date
Until further notice
Requirements
  • Bachelor’s degree in cybersecurity, information security, access governance, or IT security architecture roles
  • 8 years experience in cybersecurity, information security, access governance, or IT security architecture roles
  • Strong expertise in cybersecurity frameworks and standards (ISO 27001, NIST, CIS Controls, or equivalent)
  • Hands-on experience with identity and access management systems (Azure Active Directory, role-based access control models)
  • Experience securing cloud environments (Microsoft Azure security tools, security center, identity protection)
  • Knowledge of data protection technologies including encryption, secure data storage, and access monitoring
  • Experience with security monitoring tools, vulnerability management, and risk assessment methodologies
  • Understanding of secure architecture principles for CRM, ERP, and data platforms
  • Familiarity with API security, authentication protocols, and integration security controls
Job Responsibility
  • Design, implement, and manage cybersecurity framework across cloud platforms, enterprise systems, and data environments
  • Establish and maintain access governance policies, identity management standards, and role-based access controls across CRM, ERP, and data platforms
  • Continuously monitor and improve the security posture of digital ecosystem, including infrastructure, integrations, and user access patterns
  • Support secure onboarding of new systems, platforms, and integrations by embedding security principles into implementation processes
  • Lead cybersecurity risk assessments and vulnerability mitigation initiatives
  • Define and enforce cybersecurity governance standards across AGF’s digital ecosystem
  • Establish access governance frameworks, including identity lifecycle management and least-privilege principles
  • Contribute to enterprise governance decisions related to data protection, system access, and secure architecture
  • Support policy development related to information security, data protection, and secure systems usage
  • Serve as the technical lead for data protection compliance, including PDP-aligned security practices and access controls
What we offer
  • Flexible and Remote Working
  • Career Growth
  • Performance Recognition
  • Health and Fitness Benefits
  • Extra Paid Annual Leave
  • Special Birthday Perk
  • Fulltime

Assistant Vice President – Third Party Risk Oversight specialist - TPRO - Consumer Credit Risk

The AVP – Third party risk oversight role is responsible for owning and enhancin...
Location
India, Mumbai
Salary
Not provided
Citi
Expiration Date
Until further notice
Requirements
  • 8+ years of experience in Risk management, third-party risk, vendor risk/management or credit risk with a large financial institution
  • US banking regulatory expectations
  • Prior experience operating with consumer credit risk or closely related risk domains
  • Extensive background in managing critical suppliers and regulated third-party relationships
  • Experience acting as a risk/process oversight owner or leading risk platforms, frameworks, or governance models
  • Bachelor’s degree in related fields
  • Working knowledge of Vendor relationship management / Vendor risk management/ TPRO
  • Growth mindset with ability to balance risk, compliance and business enablement
  • Excellent stakeholder management and executive communication skills
  • Ability to challenge vendors and internal partners constructively
Job Responsibility
  • Product ownership and strategy: Own the end-to-end product vision for third-party risk oversight tools, processes, and controls within consumer credit risk
  • Own the TPRO vision, roadmap, and backlog, ensuring alignment with Citi risk policies and enterprise standards
  • Translate regulatory guidance, Citi policies, and risk requirements into User stories, controls, and functional requirements into scalable risk oversight solutions
  • Prioritize initiatives based on risk severity, regulatory commitments and business impact
  • Third-party Risk oversight: Oversee risk assessment lifecycle for third-party vendors, including: Inherent risk assessments, Due diligence (financial, operations, cyber, data privacy, model risk), Ongoing monitoring and periodic reviews
  • Ensure critical and high-risk vendors undergo enhanced oversight and governance
  • Maintain a risk-tiered vendor inventory aligned with consumer credit risk exposure
  • Supplier and contract management: Ensure supplier contracts meet regulatory, risk and control standards, including: SLAs, KPIs, audit and access rights, data protection, information security, confidentiality, BCP/DR (business continuity planning/disaster recovery), subcontractor and fourth-party controls
  • Track contract milestones, renewals, terminations and renegotiations
  • Proactively identify contracts nearing expirations and drive timely renewals or exit strategies
  • Fulltime

Senior Information Assurance Specialist

This role is at Spirit AeroSystems, Inc., a wholly owned subsidiary of The Boein...
Location
United States, Wichita
Salary
102600.00 - 157300.00 USD / Year
Boeing
Expiration Date
Until further notice
Requirements
  • High School Diploma or GED
  • 10+ years of related professional experience
  • Must be able to obtain a CISSP and/or CISM Certification within first 6 months of employment
  • Ability to obtain a U.S. Secret Security Clearance and Special Program Access (for which the U.S. Government requires U.S. Citizenship)
  • U.S. Citizenship required
Job Responsibility
  • Monitor laws, regulations, industry standards and best practices related to confidentiality, integrity and availability of information and ensure the implementation of these standards in the organization as required
  • Develop, maintain and interpret policies and procedures related to the protection of systems, networks, people, information and property
  • Perform compliance and assessment activities related to information security, data privacy, incident management and risk management
  • Collaboratively develop risk mitigation plans with subject matter experts and ensure accountability for these actions
  • Assess compliance, security, and control risks related to information systems and technical infrastructure
  • Develop training and education materials and promote information security awareness
  • Translate complex, technical concepts into business-relevant terms to facilitate effective decision making by non-technical personnel
  • Support audit activities - both internal and external, related to information security
  • May oversee and manage the DoD accreditation of secure operating systems and networks
  • Collaborate with federal oversight/regulatory agencies to ensure company/program compliance to DoD requirements
What we offer
  • competitive base pay and variable compensation opportunities
  • health insurance
  • flexible spending accounts
  • health savings accounts
  • retirement savings plans
  • life and disability insurance programs
  • paid and unpaid time away from work
  • Kansas Aviation tax credit up to $5,000 per year for up to five years
  • generous company match to 401(k)
  • industry-leading tuition assistance program
  • Fulltime