Senior Information Security Governance, Risk and Compliance Specialist

NTT DATA

Location:

Contract Type:
Not provided

Salary:

Not provided

Job Description:

The Senior Information Security Governance, Risk and Compliance (GRC) Specialist will oversee the organization's information security program, focusing on governance, risk management, compliance, and policy management. The role requires advanced experience in information security, leading risk assessments, and developing security policies. A bachelor's degree in Information Technology or Computer Science is required, along with relevant security certifications. This position is on-site and offers an opportunity to make a significant impact in a leading technology services company.

Job Responsibility:

  • Leads risk assessments and gap analyses to identify vulnerabilities and recommends risk mitigation strategies
  • Develops and maintains security policies, standards, and procedures
  • Collaborates with legal and compliance teams to ensure adherence to regulatory requirements
  • Provides guidance and support to junior GRC team members
  • Assists in the creation and delivery of security awareness and training programs
  • Participates in security incident response activities as needed
  • Contributes to the continuous improvement of the information security program
  • Assists in policy management and refinement
  • Performs any other related task as required

Requirements:

  • Bachelor’s degree or equivalent in Information Technology, Computer Science or a related field
  • Security certifications such as CISA, CRISC, COBIT, IIA or equivalent preferred
  • Certifications such as Lead audit/Implementer - ISO 27001, SOC TSP preferred
  • Advanced experience in information security, including GRC-related roles
  • Advanced experience in leading risk assessments, compliance efforts, security awareness initiatives, and policy management
  • Advanced understanding of information security frameworks and standards
  • Advanced proficiency in conducting risk assessments, analyzing security controls, and policy management
  • Excellent communication and interpersonal skills for collaborating with various stakeholders
  • Strong project management skills for handling security initiatives
  • Advanced familiarity with legal and compliance aspects related to information security

Additional Information:

Job Posted:
March 01, 2026

Employment Type:
Fulltime
Work Type:
On-site work

Similar Jobs for Senior Information Security Governance, Risk and Compliance Specialist

Senior Information Security Specialist

As a Senior Information Security Specialist, you will play a critical role in pr...
Location: United States, Clarksburg
Salary: Not provided
Company: Innovative Management & Technology Services
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent experience
  • Minimum 7 years of experience in information security, IT risk management, or related roles, preferably in federal or state government environments
  • Strong knowledge of federal cybersecurity frameworks including NIST SP 800-53, OWASP Top 10, DISA STIGs, and Common Criteria
  • Hands-on experience with networking concepts, system administration, and software development practices
  • Proficiency in using Splunk or comparable SIEM tools for security event monitoring, audit log analysis, and incident response
  • Experience working within Agile or Scaled Agile Framework (SAFe) teams and integrating security in fast-paced development environments
  • Excellent communication skills with the ability to convey complex security concepts to technical and non-technical audiences
  • Active Top Secret clearance is required
  • U.S. Citizenship is required
Job Responsibility
  • Lead comprehensive reviews of management, operational, personnel, and technical security controls to verify their effectiveness during all phases of the system lifecycle
  • Identify, evaluate, and mitigate technical and operational security risks, threats, vulnerabilities, and weaknesses across diverse information systems
  • Drive compliance efforts with government standards and industry best practices, including NIST, OWASP, Common Criteria, DISA, and SANS Institute guidelines
  • Collaborate within Agile development teams to integrate security throughout the software development lifecycle, supporting secure design, testing, and deployment
  • Utilize hands-on expertise in networking, system administration, and software development to analyze security impacts and recommend improvements
  • Oversee audit log reviews and system alerting using Splunk or similar SIEM platforms to detect, investigate, and respond to security incidents
  • Communicate security findings clearly and effectively to technical teams and leadership, fostering a culture of security awareness and continuous improvement
What we offer
  • competitive compensation
  • excellent benefits including tuition reimbursement and employer-contributed 401K
  • referral bonuses
  • Fulltime

Chief Information Security Officer

The Chief Information Security Officer (CISO) is responsible for establishing an...
Location: Romania, Bucharest
Salary: Not provided
Company: Inetum
Expiration Date: Until further notice
Requirements
  • Minimum of 10 years of experience in a combination of risk management, information security, and IT or operational development functions (at least five years in a senior management leadership role)
  • Proven experience in a senior information security role
  • Strong understanding of cybersecurity frameworks and best practices
  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists
  • Ability to lead and motivate the information security team to achieve tactical and strategic goals, even when only 'dotted line' reporting lines exist
  • Ability to set up and develop a network
  • Relevant certifications (e.g., CISSP, CISM) are a plus
  • Proficient in English
Job Responsibility
  • Establish and maintain the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected
  • Lead the development and implementation of a comprehensive cybersecurity program, manage IT risk, and ensure compliance with regulatory requirements
  • Foster a collaborative environment and ensure effective communication across teams
  • Provide strong leadership and manage multiple missions simultaneously
  • Be involved in strategic planning and make informed decisions to support the organization's goals
  • Define and promote the entity's cybersecurity governance, including cyber fraud, according to the group framework
  • Emphasize IT risk management and ensure the security of IT production
  • Work closely with the other teams to conduct entity-wide cybersecurity projects and provide expertise
  • Assist and manage cyber crises to minimize impact on the organization
  • Report on the entity's cybersecurity and IT risks to senior management and stakeholders
What we offer
  • Full access to foreign language learning platform
  • Personalized access to tech learning platforms
  • Tailored workshops and trainings to sustain your growth
  • Medical subscription
  • Meal tickets
  • Monthly budget to allocate on flexible benefit platform
  • Access to 7 Card services
  • Wellbeing activities and gatherings
  • Fulltime

Data and Credit Bureau Attributes Specialist Consumer Credit Risk

The Data & Credit Bureau Attributes Specialist (AVP) - Consumer Credit Risk is r...
Location: India, Mumbai
Salary: Not provided
Company: Citi
Expiration Date: Until further notice
Requirements
  • Bachelor's degree in a relevant field (e.g., finance, risk management, information technology)
  • Experience in designing and implementing data governance frameworks that align with regulatory standards
  • Experience with data controls, summarization, and transformation in a credit risk context
  • Experience with modern data integration tools, cloud platforms, and emerging AI technologies
  • Experience in SAS, SAS/Stat, SQL
  • Strong financial management skills with experience managing large-scale data projects
Job Responsibility
  • Develop and enforce a governance framework that ensures the accuracy, security, and quality of data throughout its lifecycle
  • Oversee the transformation of raw and disparate data sets into actionable insights that support strategic and tactical decision-making within credit risk frameworks
  • Lead the end-to-end delivery process for building, testing, and deploying data pipelines
  • Ensure that all data driving regulatory reporting is accurate, timely, and adheres to compliance standards
  • Engage with senior stakeholders across Risk, IT, Compliance, and Business units
  • Lead innovation efforts that enhance the automation, scalability, and efficiency of data integration and controls
  • Fulltime

Information Security Governance Specialist

iCapital is looking to hire a Vice President Information Security Governance Spe...
Location: United States, Greenwich; New York
Salary: 150000.00 - 180000.00 USD / Year
Company: iCapital Network
Expiration Date: Until further notice
Requirements
  • 7-10 years of experience in information security governance, compliance, or risk management in a financial service, fintech, or technology-driven environment
  • Bachelor’s degree in information security, risk management, or a related field
  • Strong written and verbal communication skills
  • Excellent analytical and problem-solving skills
  • Able to manage multiple priorities and deadlines in a fast-paced environment
  • Comfortable engaging with senior leaders
  • Knowledge of cybersecurity frameworks (ISO, CIS, NIST, SOC 2) and audit processes
  • CISM, CRISC, or CISSP certifications are preferred
Job Responsibility
  • Assist in authoring, maintaining, and updating security governance policies and standards to align with industry frameworks and management direction
  • Evaluate the organization’s information security program against common frameworks (e.g., ISO 27001, CIS, NIST 800-53, SOC 2) and applicable regulations (e.g., NYDFS, DORA, FFIEC, GDPR)
  • Identify gaps and recommend control enhancements to align with compliance requirements
  • Review and negotiate information security sections of client and vendor contracts in partnership with the Legal team
  • Ensure contractual obligations meet internal security standards, regulatory expectations, and reasonability
  • Collaborate with Technology, Information Security, and Risk teams to design, document, and enhance security controls for infrastructure, applications, and data
  • Coordinate responses for internal and regulatory audits for the information security team
What we offer
  • Equity for all full-time employees
  • Annual performance bonus
  • Employer matched retirement plan
  • Generously subsidized healthcare with 100% employer paid dental, vision, telemedicine, and virtual mental health counseling
  • Parental leave
  • Unlimited paid time off (PTO)
  • Fulltime

Vp, Information Security

About BlackRock: BlackRock’s purpose is to help more and more people experience ...
Location: China, Shanghai
Salary: Not provided
Company: BlackRock Investments
Expiration Date: April 30, 2026
Requirements
  • At least 10 years of full-time work experience in information security management and/or related functions (Technology Risk Management, Technology Infrastructure Management) with information security management qualifications such as CISSP, SANS, CRISC, CISM etc.
  • Knowledge of enterprise technology platforms, from the desktop through to back end infrastructure would be considered an advantage
  • Exceptional interpersonal skills with ability to communicate with senior leaders and technology teams alike.
  • Ability to work independently and adapt to changing business priorities
  • Detail oriented individual, with a keen eye towards details
  • Experience and good knowledge of Identity Governance and Identity Lifecycle management
  • Proficiencies in one or more of the following technical IT security domains or equivalent: Network Security, Cloud Governance, Cyber Operations, Forensics, Access and Identity Management Governance etc.
  • Knowledge of domestic China cyber and technological regulations, or experience in dealing with regulators and clients in relation to cybersecurity focused topics during regulatory examinations or client due diligence sessions will be a plus
  • Strong proficiencies in both English and Mandarin (Verbal/Written)
  • Hands-on team leadership and management experience, ideally coupled with suitable management qualifications
Job Responsibility
  • Be responsible for providing information security leadership in the BEM, driving security activities and projects, as well as developing and optimizing the FMC’s capabilities across core disciplines of Information security
  • Information Security Governance and Reporting
  • Cyber Security Operations Management, in partnership with other BlackRock Entities in China
  • Security Risk Assessments and Vulnerability Management
  • Application Security
  • Maintain and evolve security policies and standards for BlackRock China, in conjunction with evolving regulatory and operational security requirements
  • Provide security advisory to Business and IT partners in the development of security controls and solutions to manage cyber risks for the firm
  • Identity and Access Management, including privilege access management
  • Compliance with regulatory security requirements
  • Take on the pivotal role in overseeing and governing the AIM program spanning the realms of identity & access governance, entitlements recertifications and associated identity & access lifecycle management procedures. The individual will also be required to guide the AIM Program Lead and provide support in administering the access rights to China employees for required access to core systems where the need arises.
What we offer
  • Strong retirement plan
  • Tuition reimbursement
  • Comprehensive healthcare
  • Support for working parents
  • Flexible Time Off (FTO)
  • Fulltime

Data Protection Adviser

As the Data Protection Adviser, you will support the GDPR Compliance Lead to cha...
Location: United Kingdom
Salary: Not provided
Company: Perspective Financial Group Ltd
Expiration Date: Until further notice
Requirements
  • Three or more years of experience in data protection compliance, information governance or related field
  • A degree, relevant certifications (e.g., CISSP, CISM, ISO 27001) or equivalent work-related attainment or experience
  • Strong leadership and decision-making skills, with the ability to manage and mitigate organisational risk
  • Excellent communication skills, capable of translating complex security concepts for technical and non-technical audiences
  • Experience of implementing DPIAs, LIAs, Data Processing and Sharing Agreements
  • Proven experience in developing and implementing policy and strategy in data protection and information governance
  • Expertise in information assurance, risk management, audit, and stakeholder engagement
  • Experience of using Data Security and Protection applications such as Microsoft Purview
  • Excellent verbal and written communication skills, with strong attention to detail
Job Responsibility
  • Support the business for staff members on matters related to information governance and data protection
  • Support the creation and maintenance of company policies that enable compliance with UK GDPR and information governance best practice
  • Regularly evaluate the existing data protection and information governance framework to identify areas of no or partial compliance, rectify any issues, and drive continuous improvement
  • Develop training and provide advice to staff members on information governance and data protection
  • Promote a culture of data protection compliance and information governance best practice across all areas of the business
  • Carry out day to day UK GDPR and information governance activities
  • Manage and support the response to UK GDPR Data Subject Rights Requests in a timely and compliant manner
  • Support the timely management of data breach incidents and information governance incidents, including carrying out investigations, root cause analysis, MI and managing external reporting where required
  • Monitor and develop training for information governance and data protection
  • Maintain the organisation’s Record of Processing Activities (RoPA), Statement of Applicability (SOA), Retention Schedule and regulatory requirements
What we offer
  • 25 days holiday (rising with length of service) plus Bank Holidays
  • Birthday Leave
  • Holiday Purchase Scheme
  • Life Assurance
  • Pension
  • Corporate Eyecare
  • Extras Discount shopping discounts
  • Cyclescheme
  • Employee Referral Scheme
  • Learning & Development Programme (Perspective Academy)
  • Fulltime

Head of Information Security

As River Island’s Head of Information Security, you’ll play a strategic and hand...
Location: United Kingdom, West London
Salary: Not provided
Company: River Island
Expiration Date: Until further notice
Requirements
  • Proven experience in a senior information security role, ideally within a complex, multi-channel retail or technology environment
  • Strong technical grounding across key security domains: network, cloud, endpoint, application, and data security
  • Experience managing or working with vulnerability management tools, SIEM/SOC environments, and incident response processes
  • Familiarity with frameworks and standards such as ISO 27001, NIST, CIS, PCI DSS, and GDPR
  • Excellent communication and stakeholder management skills, with the ability to influence at all levels of the organisation
  • Analytical, pragmatic, and calm under pressure — with a focus on enabling the business, not blocking it
Job Responsibility
  • Define, implement, and evolve River Island’s information security strategy in line with business objectives, regulatory obligations, and risk appetite
  • Lead the development and maintenance of Information Security policies, standards, and controls, ensuring alignment with frameworks such as ISO 27001, NIST CSF, and the SANS Top 18
  • Define and report security KPIs/KRIs to senior management and leadership representing risk posture, compliance status, and strategic improvement initiatives
  • Own and manage the Information Security Risk Register; ensure risks are assessed, documented, and mitigated effectively
  • Lead compliance efforts across GDPR, PCI DSS, and other applicable regulations
  • Conduct and coordinate enterprise-wide risk assessments, audits, and internal reviews
  • Champion a pragmatic, risk-based approach to security — balancing protection, productivity, and customer experience
  • Own and govern IAM standards (RBAC, joiner/mover/leaver, privileged access, MFA, SSO) across corporate, store and customer-facing platforms
  • Oversee operational security activities, including threat detection, vulnerability management, and incident response
What we offer
  • Generous 50% staff discount so you can treat yourself to the latest products, and a bargain staff shop on site
  • Reducing Islanders everyday expenses through discounts, benefits, financial advice, wellbeing solutions and more through Reward Gateway
  • A free onsite gym, subsidised restaurant & café to fill your needs
  • Various social events to socialise throughout the year
  • Every family is unique; we support Islanders with all different family setups through enhanced maternity, paternity, adoption & fertility treatment
  • We also work closely with the Retail Trust to create dedicated support for all our Islanders
  • Flexible working is a given, on top of payday and summer early finish Fridays
  • Give as you earn scheme, a ‘Giver Island’ day each year and receive matched funding
  • Support with upskilling through on the job training and qualifications
  • A succession plan if you want to progress
  • Fulltime

Assistant Vice President – Third Party Risk Oversight specialist - TPRO - Consumer Credit Risk

The AVP – Third party risk oversight role is responsible for owning and enhancin...
Location: India, Mumbai
Salary: Not provided
Company: Citi
Expiration Date: Until further notice
Requirements
  • 8+ years of experience in Risk management, third-party risk, vendor risk/management or credit risk with a large financial institution
  • US banking regulatory expectations
  • Prior experience operating with consumer credit risk or closely related risk domains
  • Extensive background in managing critical suppliers and regulated third-party relationships
  • Experience acting as a risk/process oversight owner or leading risk platforms, frameworks, or governance models
  • Bachelor’s degree in related fields
  • Working knowledge of Vendor relationship management / Vendor risk management/ TPRO
  • Growth mindset with ability to balance risk, compliance and business enablement
  • Excellent stakeholder management and executive communication skills
  • Ability to challenge vendors and internal partners constructively
Job Responsibility
  • Product ownership and strategy: Own the end-to-end product vision for third-party risk oversight tools, processes, and controls within consumer credit risk
  • Own the TPRO vision, roadmap, and backlog, ensuring alignment with Citi risk policies and enterprise standards
  • Translate regulatory guidance, Citi policies, and risk requirements into user stories, controls, and functional requirements for scalable risk oversight solutions
  • Prioritize initiatives based on risk severity, regulatory commitments and business impact
  • Third-party Risk oversight: Oversee risk assessment lifecycle for third-party vendors, including: Inherent risk assessments, Due diligence (financial, operations, cyber, data privacy, model risk), Ongoing monitoring and periodic reviews
  • Ensure critical and high-risk vendors undergo enhanced oversight and governance
  • Maintain a risk-tiered vendor inventory aligned with consumer credit risk exposure
  • Supplier and contract management: Ensure supplier contracts meet regulatory, risk and control standards, including: SLAs, KPIs, audit and access rights, data protection, information security, confidentiality, BCP/DR (Business Continuity Planning / Disaster Recovery), subcontractor and fourth-party controls
  • Track contract milestones, renewals, terminations and renegotiations
  • Proactively identify contracts nearing expirations and drive timely renewals or exit strategies
  • Fulltime