CrawlJobs Logo
NTT DATA Logo NTT DATA · IT - Administration

Senior Security Auditor

Vietnam, Ha Noi · Job Posted April 25, 2026
Apply Position
Job Link Share

Job Description

The Senior Security Auditor at NTT DATA will lead the global supply chain security audit program, focusing on coordinating and executing audits, maintaining audit calendars, and producing operational reports.

Job Responsibility

  • Own day-to-day operations of the global supply chain security audit program, ensuring overall quality control and adherence to customer requirements
  • maintain and continuously update the audit calendar
  • coordinate scheduling with internal stakeholders and third‑party partner sites (e.g., contract manufacturers)
  • plan and execute on-site or virtual audits as required
  • manage audit logistics, evidence requests, meeting agendas, and pre-audit readiness activities
  • assess partner-site network topology and configuration against defined security requirements
  • document gaps, risks, and recommendations
  • produce high-quality audit reports, including findings, severity/risk rationale, and Corrective Action Plans (CAP) where applicable
  • review submitted audit results (from internal/partner contributors) for accuracy, completeness, and quality
  • drive rework where needed
  • track remediation actions and open items
  • coordinate with audit teams and partner-site IT teams to drive timely closure of security gaps and remediation bugs
  • upon request, conduct supply-chain related data security risk assessments and provide written reports with mitigation recommendations
  • may include mock ISMS/ISO 27001 readiness audits
  • support planning and coordination for new security implementations by aligning stakeholders, timelines, and required actions
  • develop slide decks and support kick-off and executive update presentations for partner sites and program stakeholders
  • provide light security operations coordination support
  • deliver regular operational reporting
  • prepare operational forecasts
  • serve as a country or site lead point of contact when assigned
  • maintain strict confidentiality of customer and site information
  • adhere to customer and site IT policies and procedures

Requirements

  • 6–10+ years of experience in security auditing, security assurance, GRC, or security assessments
  • experience with third‑party/vendor or supply-chain audits is highly preferred
  • demonstrated experience running audit program operations: scheduling, readiness, evidence management, reporting, CAP creation, and remediation tracking to closure
  • working knowledge of ISO/IEC 27001 (ISMS) and common security control domains
  • ability to perform readiness reviews and control mapping
  • solid understanding of enterprise networks and security fundamentals to review network topology/configuration and identify control gaps
  • strong stakeholder management and communication skills
  • able to engage with cross-functional internal teams and partner-site IT teams across geographies
  • excellent written English skills with proven ability to produce structured audit reports, executive summaries, KPIs, and forecasts
  • comfortable working across time zones and managing multiple sites/workstreams
  • highly organized and detail-oriented
  • willingness and ability to travel domestically and internationally as required

Nice to have

  • CISA
  • CISSP
  • ISO/IEC 27001 Lead Auditor/Lead Implementer (or equivalent)
  • additional relevant certifications in risk management, audit, or security frameworks
NTT DATA - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Senior Security Auditor

8 matching positions

Senior Information Security Auditor

The Senior Information Security Auditor is responsible for leading internal audi...
Location
Location
Spain , Barcelona
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong background in ISO standards and GDPR
  • At least 5 years of experience in information security or IT audit roles
  • Excellent communication skills
  • Excellent analytical skills
Job Responsibility
Job Responsibility
  • Leading internal audits
  • Ensuring compliance with security standards
  • Mentoring junior auditors
Read More
Arrow Right

Principal Auditor (Experienced Senior Auditor), Global Payment Network

Capital One is seeking an energetic, self-motivated Principal Auditor interested...
Location
Location
United States , Riverwoods; Chicago; McLean; Plano; New York; Charlotte
Salary
Salary:
119400.00 - 163500.00 USD / Year
capitalone.com Logo
Capital One
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s Degree or military experience
  • At least 3 years of experience in internal or external auditing, accounting, financial analysis, information systems, compliance, risk management or a combination
  • At least 3 years of experience in global payment network operations and banking or financial services, or a combination
Job Responsibility
Job Responsibility
  • Plan, perform, and lead large/complex audits at the enterprise level as well as other diverse lines of business and specialty areas
  • Perform risk assessments of business activities, potential exposures and materiality of loss
  • Design and perform audit procedures, including identifying and defining issues, reviewing and analyzing evidence, and documenting processes
  • Leverage available data and analytical tools during the planning, fieldwork, and reporting phases of audit delivery
  • Effectively review and compile relevant, material findings and recommendations into readable and concise audit reports
  • Communicate the results of audit projects to management via written reports and compelling oral presentations
  • Provide significant input into the development of the annual audit plan
  • Design and execute internal control testing for standardized operations of moderate complexity with more than one component, including finance, IT, compliance, credit, security
  • Provide risk management advice and counsel to business leadership on best practices
  • Establish and maintain good working relationships with line management and auditees during engagements
What we offer
What we offer
  • comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being
  • performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI)
  • Fulltime
Read More
Arrow Right

Technology Senior Auditor

The Technology Senior Auditor participates in the timely delivery of high qualit...
Location
Location
Kenya , Nairobi
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • University Degree (preferably IT related such as Computer Science, Information Technology)
  • At least 5 years of experience of auditing or managing IT infrastructure systems or applications in a medium to large scale environment, preferably in Banking and Finance field, with strong understanding of related IT risks, controls, and regulations
  • Specific areas of experience should include cyber risks and controls within the ICT systems and related third-party connections, cybersecurity framework, understanding of threat and vulnerability assessment tests, and penetration tests
  • Additionally, experience should include Desktop and Server technologies including virtualization and Cloud operations, Databases, Middleware, data and voice networks, Software Development and Production Support practices, Cybersecurity management, and the ITIL general controls processes including IT Governance and IT Program/Project Management
  • Demonstrated analytical ability to understand IT control issues and related risks and controls, to identify root cause and recommending solutions
  • Strong written and verbal communications skills in English with ability to clearly articulate issues and facilitate identification and implementation of solutions
  • Preferred with relevant professional qualifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP)
  • Preferred experience in designing or using Computer Assisted Audit Tools and Techniques (CAATTs)
  • Working knowledge of the modern banking technology systems
  • Good project management and interpersonal skills
Job Responsibility
Job Responsibility
  • Understand and grasp the audit methodology, corporate standards, and internal control processes and use this knowledge to execute audit reviews
  • Participate in technology audits by identifying key risks and controls, develop and execute control assessment plans, draft control issues and present them to the technology management, discussing practical solutions
  • Execute audit assignments through effective collaboration with other audit teams within budgeted timelines and costs
  • Monitor the risk and control environment of the Technology and Cybersecurity operations including emerging risks by interacting with management and providing feedback through the Business Monitoring process
  • Assess impact of applicable regulations to the technology processes and adequacy of controls for compliance
  • Develop and maintain effective line management relationships for a no-surprises approach
  • Assess appropriateness and sustainability of pragmatic solutions for risk mitigation
  • Deliver the audit work assigned to a high quality in accordance with the requirements of the Quality Assurance scorecard/ IA methodology
  • Actively contribute to the automated auditing initiative for efficient and continuous control monitoring
  • Contribute to various corporate strategic initiatives by active participation and proactive stakeholder engagement
  • Fulltime
Read More
Arrow Right

Senior Auditor

The Internal Audit Senior Specialist is part of the North America Internal Audit...
Location
Location
United States , Chicago
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Accounting, Finance, or a related field
  • Proven experience in auditing, including familiarity with Sarbanes-Oxley compliance and SEC regulations
  • Strong knowledge of accounting software systems such as CaseWare or CCH ProSystem Fx
  • Proficiency in preparing and executing audit plans and engagements
  • Ability to analyze and evaluate internal controls, including SOC reports and Information Security Programs
  • Excellent communication skills, with the ability to present findings effectively to senior leadership
  • Demonstrated critical thinking and problem-solving skills
  • Commitment to fostering safe and compliant work environments
Job Responsibility
Job Responsibility
  • Ensure compliance with Securities Exchange Commission (SEC) regulations, Sarbanes-Oxley (SOX) Act, and other relevant legal requirements
  • Perform key report testing to evaluate the reliability of data used in financial reporting
  • Perform automated control testing
  • Understand Segregation of Duties and support in risk identification, monitoring, mitigation, and remediation
  • Analyze SOC 1 (System and Organizational Controls 1) Reports to assess the service organizations internal controls over financial reporting and ability to meet control objectives
  • Evaluate the Information Security Program including recommending updates to existing policies and procedures to help ensure they are in accordance with established industry practice and compliant with federal and state regulations
  • Assist in preparing and presenting audit findings and recommendations to senior leadership through oral presentations and written reports, effectively communicating results, areas of concern, and proposed corrective actions
  • Demonstrate a commitment to communicating, improving and adhering to health, safety and environmental policies in all work environments and areas. Promote a culture of safety and exhibit these behaviors
What we offer
What we offer
  • medical insurance
  • vision insurance
  • dental insurance
  • life insurance
  • disability insurance
  • bonus
  • PTO
  • Fulltime
Read More
Arrow Right

Senior Security Consultant

We have an exciting opportunity for a Senior Security Consultant to join our gro...
Location
Location
United Kingdom , Glasgow or Reading, Berkshire
Salary
Salary:
Not provided
fsp.co Logo
FSP
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience of designing, leading and delivering cyber governance, risk and assurance outcomes
  • Strong knowledge of recognised cyber security frameworks and standards, including ISO/IEC 27001, NIS Directives, NIST, and UK Government Functional Standards
  • Experience aligning security controls to MOD requirements such as DEFSTAN 05-138, JSP 440, JSP 604 and Defence Cyber Resilience policies
  • Experience applying UK Government security and assurance frameworks, including GovAssure, the Cyber Assessment Framework (CAF), Defence Cyber Certification (DCC) and Government Standard (GovS) 007
  • Relevant academic or professional qualifications, such as, an MSc in cyber security or related specialism, Cyber Essentials Assessor, Cyber Assurance Assessor, CISM, CISSP, PCIRM or ISO/IEC 27001 Lead Implementer or Lead Auditor certification
  • Hold, or are actively working towards, Principal or Chartered Cyber Security Professional (ChCSP) status
  • Eligible to work in the UK and able to obtain and maintain UK security clearances
  • Flexibility to work from home, FSP office locations or at times visit client sites
Job Responsibility
Job Responsibility
  • Lead cyber governance, risk and compliance engagements, applying strong knowledge of cyber threats, risks, controls and mitigations to deliver effective security outcomes
  • Engage with clients to understand their threat landscape and business context, conducting risk and compliance assessments against recognised frameworks (e.g. ISO 27001, NIST, SOC 2)
  • Design, review and advise on the implementation and adoption of information security policies, standards, procedures and frameworks
  • Lead cyber and third-party risk assessments, evaluate supplier security posture, and provide risk-based recommendations for supplier selection and oversight
  • Identify control gaps, document findings, and track remediation activities to support assurance and audit outcomes
  • Produce clear, concise risk and compliance reports for executive and C-suite stakeholders, including prioritised mitigation strategies and improvement roadmaps
  • Contribute to thought leadership and continuous improvement by staying current with industry developments and sharing knowledge across the cyber security community
  • Demonstrate strong communication, stakeholder management and mentoring skills, upholding the highest standards of integrity and professionalism
What we offer
What we offer
  • A collaborative and supportive environment in which you can grow and develop your career
  • The tools and opportunity to do work you can be proud of
  • A chance to work alongside some of the best people in the industry, who always seek to share their knowledge and experience
  • Hybrid working – we empower you to make smart choices about when and where to work to achieve great results
  • Industry leading coaching and mentoring
  • Plus the excellent benefits package we offer at FSP
  • Fulltime
Read More
Arrow Right

Senior Security Engineer

We’re looking for a Senior Security Engineer to join the Platform Team at Flanks...
Location
Location
Spain , Barcelona
Salary
Salary:
50000.00 - 70000.00 EUR / Year
flanks.io Logo
Flanks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Deep experience in ethical hacking, pentesting, and secure software design
  • Strong knowledge of Python, JavaScript, Kubernetes, and GCP
  • Ability to understand code, automate security tasks, and design scalable defenses
  • Hands-on with cloud security, appsec, and infra security
  • Self-driven, curious, and collaborative — a true security builder
  • Professional proficiency in both English and Spanish to collaborate effectively in our bilingual environment
Job Responsibility
Job Responsibility
  • Continuously evolve our tools, practices, and culture of security
  • Lead security initiatives across our stack (apps, infrastructure, and processes)
  • Perform pentesting, vulnerability assessments, and incident response
  • Define and implement security controls derived from business processes
  • Collaborate with teams to design secure architectures and validate security requirements
  • Work with auditors and clients to communicate our security posture clearly
What we offer
What we offer
  • A cool office between Sants Estació and Plaça Espanya with stunning views of Barcelona
  • Flexible working hours and hybrid work options
  • Paid day off on your birthday
  • Weekly fresh fruit, coffee, and tea on tap
  • Friday happy hours after our all-hands meetings
  • Team-building events to bond and have fun
  • Health insurance and flexible compensation with Alan
  • A digital canteen, thanks to Nora Real Food, subsidised at 50%
  • A yearly training budget to keep growing
  • Fulltime
Read More
Arrow Right

Information System Security Engineer - Senior

In support of a challenging, critical, and rewarding program that provides integ...
Location
Location
United States , Warrenton
Salary
Salary:
185000.00 USD / Year
amentum.com Logo
Amentum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Must have active Top-Secret clearance with SCI or TS with the ability to acquire SCI
  • Knowledge and experience with NESSUS/ACAS and Trellix administration
  • Experience in Splunk role while working in a Splunk Clustered Environment
  • Must be able to work a 40-hour work week, normally Monday through Friday
  • Ability to work overtime during critical peaks and be available to meet last-minute requests for overtime if needed
  • Ability to travel (5-10%) primarily within 75 miles
  • Familiarity with MS Office applications such as Excel, Word, Outlook, SharePoint, Project, and Visio
  • Exceptional attention to detail
  • excellent verbal and written communication skills
  • strong critical thinking, organizational, time-management, and problem-solving skills
Job Responsibility
Job Responsibility
  • Endpoint Security Engineering (Trellix/ePO): Expertly design, configure, and maintain Trellix components (ePO, Trellix Agent, DLP, HIPS, Policy Auditor, ABM, and VSE) across Windows and Linux environments
  • Author and deploy endpoint security policies for ENS modules (Threat Prevention, Firewall, Web Control) based on DISA STIGs and organizational needs
  • Develop custom signatures, rules, and exceptions to address zero-day threats and specific operational requirements
  • Validate custom exceptions to ensure uninterrupted operation of mission-critical processes without compromising compliance
  • Vulnerability Management (ACAS/Nessus): Design enterprise-wide vulnerability scanning strategies and manage the deployment of Security Centers and Nessus scanners
  • Serve as the final escalation point for complex scan issues, credentialing problems, and system communication failures
  • Configure automated reporting of compliance data to continuous monitoring systems and risk-scoring repositories
  • Security Integration & Engineering: Integrate Trellix and ACAS with tools such as Splunk, XSOAR, and ServiceNow to automate workflows and enhance incident response
  • Provide authoritative recommendations and ACAS-generated artifacts to support the Assessment and Authorization (A&A) process and RMF packages for Authority to Operate (ATO)
  • Lead the maintenance and scalability of test, development, and operational environments, collaborating with Network and DevSecOps teams to enhance resilience
What we offer
What we offer
  • Health, dental, and vision insurance
  • Paid time off and holidays
  • Retirement benefits (including 401(k) matching)
  • Educational reimbursement
  • Parental leave
  • Employee stock purchase plan
  • Tax-saving options
  • Disability and life insurance
  • Pet insurance
  • Fulltime
Read More
Arrow Right

Senior IT Security Compliance Engineer

The Senior IT Security Compliance Engineer is responsible for developing, mainta...
Location
Location
Egypt , Cairo
Salary
Salary:
Not provided
arrow.com Logo
Arrow Electronics
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong knowledge of information security principles, risk management, and compliance frameworks, with a solid understanding of ISO 27001 requirements and controls
  • Hands-on experience supporting audits and compliance programs for frameworks such as ISO 27001, SOC 2, CMMC, NIST, or similar
  • GRC-related certification (e.g., CISSP, CISA, CRISC, ISO 27001 Lead Implementer/Lead Auditor) is preferred
  • Experience working in SaaS or technology-driven environments is highly desirable
  • Familiarity with cloud computing platforms and cloud security principles
  • Excellent written and verbal communication skills, with proven ability to produce clear, high-quality security documentation and reports
  • Minimum of 5 years of professional experience in cybersecurity, information security, or compliance-related roles
  • Bachelor’s degree in Computer Engineering, Computer Science, Information Security, or a related field
Job Responsibility
Job Responsibility
  • Develop, review, and maintain IT security policies, standards, procedures, and guidelines in alignment with industry best practices and regulatory requirements
  • Lead and coordinate compliance initiatives for security frameworks and standards, including but not limited to ISO 27001, SOC 2, CMMC, NIST, and internal security assessments
  • Manage audit readiness activities, including documentation preparation, evidence collection, stakeholder coordination, and remediation tracking for internal and external audits
  • Respond to customer and partner security questionnaires, ensuring accurate, consistent, and timely responses
  • Conduct periodic security and risk assessments to evaluate the effectiveness of security controls and identify improvement opportunities
  • Track, manage, and follow up on vulnerability remediation efforts in collaboration with IT, engineering, and operations teams
  • Prepare and deliver security metrics, compliance reports, and executive-level summaries
  • Provide security awareness, training, and education to employees to promote a strong security culture across the organization
  • Support continuous improvement of governance, risk, and compliance (GRC) processes and tooling
  • Fulltime
Read More
Arrow Right