CrawlJobs Logo

Senior Information Security Governance, Risk and Compliance Specialist

nttdata.com Logo

NTT DATA

Location Icon

Location:

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

The Senior Information Security Governance, Risk and Compliance (GRC) Specialist will oversee the organization's information security program, focusing on governance, risk management, compliance, and policy management. The role requires advanced experience in information security, leading risk assessments, and developing security policies. A bachelor's degree in Information Technology or Computer Science is required, along with relevant security certifications. This position is on-site and offers an opportunity to make a significant impact in a leading technology services company.

Job Responsibility:

  • Leads risk assessments and gap analyses to identify vulnerabilities and recommends risk mitigation strategies
  • Develops and maintains security policies, standards, and procedures
  • Collaborates with legal and compliance teams to ensure adherence to regulatory requirements
  • Provides guidance and support to junior GRC team members
  • Assists in the creation and delivery of security awareness and training programs
  • Participates in security incident response activities as needed
  • Contributes to the continuous improvement of the information security program
  • Assists in policy management and refinement
  • Performs any other related task as required

Requirements:

  • Bachelor’s degree or equivalent in Information Technology or Computer Science degree or related field
  • Security certifications such as CISA, CRISC, COBIT, IIA or equivalent preferred
  • Certifications such as Lead audit/Implementer - ISO 27001, SOC TSP preferred
  • Advanced experience in information security, including GRC-related roles
  • Advanced experience in leading risk assessments, compliance efforts, security awareness initiatives, and policy management
  • Advanced understanding of information security frameworks and standards
  • Advanced proficiency in conducting risk assessments, analyzing security controls, and policy management
  • Excellent communication and interpersonal skills for collaborating with various stakeholders
  • Strong project management skills for handling security initiatives
  • Advanced familiarity with legal and compliance aspects related to information security

Additional Information:

Job Posted:
March 01, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Icon
NTT DATA - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Senior Information Security Governance, Risk and Compliance Specialist

Senior Information Security Specialist

As a Senior Information Security Specialist, you will play a critical role in pr...
Location
Location
United States , Clarksburg
Salary
Salary:
Not provided
imts.us Logo
Innovative Management & Technology Services
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent experience
  • Minimum 7 years of experience in information security, IT risk management, or related roles, preferably in federal or state government environments
  • Strong knowledge of federal cybersecurity frameworks including NIST SP 800-53, OWASP Top 10, DISA STIGs, and Common Criteria
  • Hands-on experience with networking concepts, system administration, and software development practices
  • Proficiency in using Splunk or comparable SIEM tools for security event monitoring, audit log analysis, and incident response
  • Experience working within Agile or Scaled Agile Framework (SAFe) teams and integrating security in fast-paced development environments
  • Excellent communication skills with the ability to convey complex security concepts to technical and non-technical audiences
  • Active Top Secret clearance is required
  • U.S. Citizenship is required
Job Responsibility
Job Responsibility
  • Lead comprehensive reviews of management, operational, personnel, and technical security controls to verify their effectiveness during all phases of the system lifecycle
  • Identify, evaluate, and mitigate technical and operational security risks, threats, vulnerabilities, and weaknesses across diverse information systems
  • Drive compliance efforts with government standards and industry best practices, including NIST, OWASP, Common Criteria, DISA, and SANS Institute guidelines
  • Collaborate within Agile development teams to integrate security throughout the software development lifecycle, supporting secure design, testing, and deployment
  • Utilize hands-on expertise in networking, system administration, and software development to analyze security impacts and recommend improvements
  • Oversee audit log reviews and system alerting using Splunk or similar SIEM platforms to detect, investigate, and respond to security incidents
  • Communicate security findings clearly and effectively to technical teams and leadership, fostering a culture of security awareness and continuous improvement
What we offer
What we offer
  • competitive compensation
  • excellent benefits including tuition reimbursement and employer-contributed 401K
  • referral bonuses
  • Fulltime
Read More
Arrow Right

Chief Information Security Officer

The Chief Information Security Officer (CISO) is responsible for establishing an...
Location
Location
Romania , Bucharest
Salary
Salary:
Not provided
https://www.inetum.com Logo
Inetum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 10 years of experience in a combination of risk management, information security, and IT or operational development functions (at least five years in a senior management leadership role)
  • Proven experience in a senior information security role
  • Strong understanding of cybersecurity frameworks and best practices
  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists
  • Ability to lead and motivate the information security team to achieve tactical and strategic goals, even when only 'dotted line' reporting lines exist
  • Ability to set up and develop a network
  • Relevant certifications (e.g., CISSP, CISM) are a plus
  • Proficient in English
Job Responsibility
Job Responsibility
  • Establish and maintain the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected
  • Lead the development and implementation of a comprehensive cybersecurity program, manage IT risk, and ensure compliance with regulatory requirements
  • Foster a collaborative environment and ensure effective communication across teams
  • Provide strong leadership and manage multiple missions simultaneously
  • Involve in strategic planning and make informed decisions to support the organization's goals
  • Define and promote the entity's cybersecurity governance, including cyber fraud, according to the group framework
  • Emphasize IT risk management and ensure the security of IT production
  • Work closely with the other teams to conduct entity-wide cybersecurity projects and provide expertise
  • Assist and manage cyber crises to minimize impact on the organization
  • Report on the entity's cybersecurity and IT risks to senior management and stakeholders
What we offer
What we offer
  • Full access to foreign language learning platform
  • Personalized access to tech learning platforms
  • Tailored workshops and trainings to sustain your growth
  • Medical subscription
  • Meal tickets
  • Monthly budget to allocate on flexible benefit platform
  • Access to 7 Card services
  • Wellbeing activities and gatherings
  • Fulltime
Read More
Arrow Right

Data and Credit Bureau Attributes Specialist Consumer Credit Risk

The Data & Credit Bureau Attributes Specialist (AVP) - Consumer Credit Risk is r...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in a relevant field (e.g., finance, risk management, information technology)
  • Experience in designing and implementing data governance frameworks that align with regulatory standards
  • Experience with data controls, summarization, and transformation in a credit risk context
  • Experience with modern data integration tools, cloud platforms, and emerging AI technologies
  • Experience in SAS, SAS/Stat, SQL
  • Strong financial management skills with experience managing large-scale data projects
Job Responsibility
Job Responsibility
  • Develop and enforce a governance framework that ensures the accuracy, security, and quality of data throughout its lifecycle
  • Oversee the transformation of raw and disparate data sets into actionable insights that support strategic and tactical decision-making within credit risk frameworks
  • Lead the end-to-end delivery process for building, testing, and deploying data pipelines
  • Ensure that all data driving regulatory reporting is accurate, timely, and adheres to compliance standards
  • Engage with senior stakeholders across Risk, IT, Compliance, and Business units
  • Lead innovation efforts that enhance the automation, scalability, and efficiency of data integration and controls
  • Fulltime
Read More
Arrow Right

Data Protection Adviser

As the Data Protection Adviser, you will support the GDPR Compliance Lead to cha...
Location
Location
United Kingdom
Salary
Salary:
Not provided
pfgl.co.uk Logo
Perspective Financial Group Ltd
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Three or more years of experience in data protection compliance, information governance or related field
  • A degree, relevant certifications (e.g., CISSP, CISM, ISO 27001) or equivalent work-related attainment or experience
  • Strong leadership and decision-making skills, with the ability to manage and mitigate organisational risk
  • Excellent communication skills, capable of translating complex security concepts for technical and non-technical audiences
  • Experience of implementing DPIAs, LIAs, Data Processing and Sharing Agreements
  • Proven experience in developing and implementing policy and strategy in data protection and information governance
  • Expertise in information assurance, risk management, audit, and stakeholder engagement
  • Experience of using Data Security and Protection applications such as Microsoft Purview
  • Excellent verbal and written communication skills, with strong attention to detail
Job Responsibility
Job Responsibility
  • Support the business for staff members on matters related to information governance and data protection
  • Support the creation and maintenance of company policies that enable compliance with UK GDPR and information governance best practice
  • Regular evaluation of the existing data protection information governance framework to identify areas of no or partial compliance, and rectify any issues, and continuous improvement
  • Develop training and provide advice to staff members on information governance and data protection
  • Promote a culture of data protection compliance and information governance best practice across all areas of the business
  • Carry out day to day UK GDPR and information governance activities
  • Manage and support the response to UK GDPR Data Subject Rights Requests in a timely and compliant manner
  • Support the timely management of data breach incidents and information governance incidents, including carrying out investigations, route cause analysis, MI and managing external reporting where required
  • Monitor and develop training for information governance and data protection
  • Maintain the organisation’s Record of Processing Activities (RoPA), Statement of Applicability (SOA), Retention Schedule and regulatory requirements
What we offer
What we offer
  • 25 days holiday (rising with length of service) plus Bank Holidays
  • Birthday Leave
  • Holiday Purchase Scheme
  • Life Assurance
  • Pension
  • Corporate Eyecare
  • Extras Discount shopping discounts
  • Cyclescheme
  • Employee Referral Scheme
  • Learning & Development Programme (Perspective Academy)
  • Fulltime
Read More
Arrow Right

Cybersecurity & Access Management – Senior Specialist

Lead the design, implementation, and continuous strengthening of cybersecurity p...
Location
Location
Salary
Salary:
Not provided
hiremoters.ai Logo
HiRemoters
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in cybersecurity, information security, access governance, or IT security architecture roles
  • 8 years experience in cybersecurity, information security, access governance, or IT security architecture roles
  • Strong expertise in cybersecurity frameworks and standards (ISO 27001, NIST, CIS Controls, or equivalent)
  • Hands-on experience with identity and access management systems (Azure Active Directory, role-based access control models)
  • Experience securing cloud environments (Microsoft Azure security tools, security center, identity protection)
  • Knowledge of data protection technologies including encryption, secure data storage, and access monitoring
  • Experience with security monitoring tools, vulnerability management, and risk assessment methodologies
  • Understanding of secure architecture principles for CRM, ERP, and data platforms
  • Familiarity with API security, authentication protocols, and integration security controls
Job Responsibility
Job Responsibility
  • Design, implement, and manage cybersecurity framework across cloud platforms, enterprise systems, and data environments
  • Establish and maintain access governance policies, identity management standards, and role-based access controls across CRM, ERP, and data platforms
  • Continuously monitor and improve the security posture of digital ecosystem, including infrastructure, integrations, and user access patterns
  • Support secure onboarding of new systems, platforms, and integrations by embedding security principles into implementation processes
  • Lead cybersecurity risk assessments and vulnerability mitigation initiatives
  • Define and enforce cybersecurity governance standards across AGF’s digital ecosystem
  • Establish access governance frameworks, including identity lifecycle management and least-privilege principles
  • Contribute to enterprise governance decisions related to data protection, system access, and secure architecture
  • Support policy development related to information security, data protection, and secure systems usage
  • Serve as the technical lead for data protection compliance, including PDP-aligned security practices and access controls
What we offer
What we offer
  • Flexible and Remote Working
  • Career Growth
  • Performance Recognition
  • Health and Fitness Benefits
  • Extra Paid Annual Leave
  • Special Birthday Perk
  • Fulltime
Read More
Arrow Right

Assistant Vice President – Third Party Risk Oversight specialist - TPRO - Consumer Credit Risk

The AVP – Third party risk oversight role is responsible for owning and enhancin...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of experience in Risk management, third-party risk, vendor risk/management or credit risk with a large financial institution
  • US banking regulatory expectations
  • Prior experience operating with consumer credit risk or closely related risk domains
  • Extensive background in managing critical suppliers and regulated third-party relationships
  • Experience active as a risk/process oversight owner or leading risk platforms, frameworks, or governance models
  • Bachelor’s degree in related fields
  • Working knowledge of Vendor relationship management / Vendor risk management/ TPRO
  • Growth mindset with ability to balance risk, compliance and business enablement
  • Excellent stakeholder management and executive communication skills
  • Ability to challenge vendors and internal partners constructively
Job Responsibility
Job Responsibility
  • Product ownership and strategy: Own the end-to-end product vision for third-party risk oversight tools, processes, and controls within consumer credit risk
  • Own the TPRO vision, roadmap, and backlog, ensuring alignment with Citi risk policies and enterprise standards
  • Translate regulatory guidance, Citi policies, and risk requirements into User stories, controls, and functional requirements into scalable risk oversight solutions
  • Prioritize initiatives based on risk severity, regulatory commitments and business impact
  • Third-party Risk oversight: Oversee risk assessment lifecycle for third-party vendors, including: Inherent risk assessments, Due diligence (financial, operations, cyber, data privacy, model risk), Ongoing monitoring and periodic reviews
  • Ensure critical and high- risk vendors undergo enhanced oversight and governance
  • Maintain a risk-tiered vendor inventory aligned with consumer credit risk exposure
  • Supplier and contract management: Ensure supplier contracts meet regulatory, risk and control standard, including: SLAs, KPI, audit and access rights, data protection, information security, confidentiality, BCP/DR (business continuity planning/ Disaster recover), subcontractor and fourth-party controls
  • Track contract milestones, renewals, terminations and renegotiations
  • Proactively identify contracts nearing expirations and drive timely renewals or exit strategies
  • Fulltime
Read More
Arrow Right

Senior Cloud Security Assurance

NTT DATA is one of the world's largest global security service providers, partne...
Location
Location
Romania , Cluj
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information Security, Cybersecurity, or a relevant IT field (Master’s degree preferred)
  • Minimum 5-10 years experience in security architecture, compliance, and cloud security roles, working with frameworks such as ISO 27001, NIS/NIS2, or NIST CSF
  • Deep understanding of cloud security principles including management on AWS, and GCP platforms
  • Familiarity with IAM, CASB, SIEM, and container security solutions
  • CISSP or SABSA certifications required
  • Cloud-specific certifications preferred (e.g., AWS Security Specialty, zure Solutions ArchitectA)
  • Direct experience working in government, military, or intelligence organizations advantageous
  • Must meet UK SC Clearance eligibility guidelines
  • Proven ability to collaborate across diverse technical teams, influencing senior stakeholders in an advisory capacity
  • Excellent communication and presentation skills for delivering complex technical concepts to non-specialist audiences
Job Responsibility
Job Responsibility
  • Translate business and compliance requirements into practical, well-documented security architecture designs using recognized frameworks (e.g., ISO 27001, NIST, CIS)
  • Develop, document, and maintain consistent secure architectural patterns with an emphasis on cloud security (AWS, GCP)
  • Implement threat-informed design principles, integrating zero trust architectures and defensive depth strategies to address security gaps and enhance resilience
  • Maintain alignment between security policies, enterprise architecture principles, and client expectations
  • Conduct comprehensive risk assessments and threat modeling to evaluate existing or proposed architectures for vulnerabilities
  • Provide actionable mitigation strategies informed by a risk-based approach and evolving threat intelligence data
  • Participate in or support incident response initiatives, aiding in root cause analysis and the development of post-incident recommendations
  • Act as a trusted advisor to clients by engaging in technical discussions to inform strategic security decisions
  • Collaborate cross-functionally with development, operations, and engineering teams to validate that security controls are effectively implemented across the development lifecycle
  • Deliver technical insights in presentations, workshops, and reports tailored to both technical and executive audiences
What we offer
What we offer
  • Smooth integration and a supportive mentor
  • Pick your working style: choose from Remote, Hybrid or Office work opportunities
  • Projects have different working hours to suit your needs
  • Sponsored certifications, trainings and top e-learning platforms
  • Private Health Insurance
  • Individual coaching sessions or joining our accredited Coaching School
  • Epic parties or themed events
Read More
Arrow Right

Head of Risk & Compliance

Giacom is looking for a Head of Risk & Compliance who will take the lead in deve...
Location
Location
United Kingdom , Nelson
Salary
Salary:
Not provided
giacom.com Logo
Giacom
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Demonstrable prior experience in risk management, ideally in a regulated sector (Telecoms, Utilities, etc.)
  • Proven experience designing and leading an effective ERM and compliance framework in a medium/large organisation
  • Understanding of Health & Safety obligations and the ability to embed effective, risk‑based Health & Safety practices across the organisation
  • Able to translate complex risk‑management concepts into clear, accessible insights for colleagues, investors, and non‑executive Board members, and be recognised as a subject matter expert
  • Ability to build strong relationships and secure buy‑in across the business
  • Deep experience conducting risk assessments across strategic, operational, financial and compliance risks
  • Skilled in developing KRIs, assessing controls, and producing high‑quality management and Board reporting
  • A highly organised, structured, and proactive approach to managing a varied and demanding workload
Job Responsibility
Job Responsibility
  • Lead the Group’s risk management strategy, setting the framework that enables smart, proportionate, business‑friendly risk management
  • Partner with the Executive and senior leadership team to embed a strong, practical risk culture that supports growth and accountability
  • Own all risk reporting to the Board and Executive Committee, ensuring clarity, quality, and strategic insight
  • Facilitate the identification, assessment, and management of risks within our agreed appetite, ensuring mitigation where required
  • Lead on information security governance, ISO27001 compliance, data protection, business continuity, insurance, supplier compliance, and health & safety
  • Provide a strong second line monitoring and assurance function
  • Lead our legal and regulatory compliance programme, including Ofcom, TMBS and global communications regulations
  • Oversee incident reporting, breach investigations, root cause analysis, and regulator engagement
  • Develop, coach, and inspire the Risk & Compliance team leveraging in‑house specialists and external experts (including smart use of AI‑based tools)
  • Manage the Risk & Assurance Committee and Compliance Committee secretariat
What we offer
What we offer
  • Competitive package including car allowance and discretionary bonus
  • Flexible working
  • Investment in your future career with a variety of learning and development opportunities
  • No dress code - embrace the freedom to bring your whole self to work
  • 25 days annual leave, plus bank holidays. You'll even get your birthday off, too!
  • A pension plan for your future
  • Complimentary refreshments in all our offices
  • Fulltime
Read More
Arrow Right