Program manager - Security Analysis Sr. Specialist Advisor

Req ID: 319386 

NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.

We are currently seeking a Program manager - Security Analysis Sr. Specialist Advisor to join our team in Noida, Uttar Pradesh (IN-UP), India (IN).

Information Security GRC Program Manager responsibilities include:

Program Leadership & Strategy

• Evaluate, interpret, and ensure clarity of audit, compliance, and risk obligations and objectives.
• Develop and manage the comprehensive GRC Program, integrating and leading Audit and Compliance, TPRM, and Cybersecurity Risk to ensure delivery of a cohesive GRC Program.
• Collaborate with Senior Leadership to align GRC initiatives with organizational objectives.
• Support implementation of GRC frameworks, policies, and best practices.
• Establish strategic partnerships and cross-organizational relationships with control owners, second line-of-defense, Enterprise Risk, privacy leaders, and others to enable GRC program effectiveness.
• Develop GRC Program Roadmap highlighting opportunities and recommendations for continuous GRC Program improvement.

Audit & Compliance:

• Maintain awareness of the annual internal audit plan.
• Drive the collection and management of audit evidence ensuring adherence to regulatory requirements for internal and external inspection: SOX, PCI, GDPR, CCPA, and other frameworks.
• Participate in audit lifecycle engagement with auditor(s) to address scope creep, unwarranted audit findings, and other issues or escalations.
• Drive remediation of audit findings and provide guidance related to development of a formal management response, remediation plan approval, control validation, and closure of findings.
• Escalation point-of-contact for Audit and Compliance service.

Risk Management

• Drive Cybersecurity Risk Assessment & Remediation Support ensuring that risk mitigation measures are effectively implemented and monitored.
• Ensure cross-functional collaboration to address identified control gaps or weaknesses.
• Provide oversight related to automated Third-Party Risk Management (TPRM) function, ensuring the identification, assessment, and mitigation of risks associated with vendors.
• Escalation point-of-contact for Risk Management service.

Governance

• Develop and present executive-level reports, dashboards, metrics that provide insights related to audit and compliance, risk posture, GRC Program effectiveness, and progress toward initiatives.
• Promote strong governance practices.
• Understand, drive implementation, and/or alignment to control procedures; ensure compliance with all applicable policies, regulatory requirements, and standards.
• Monitor changes in Security, Regulatory, and Privacy requirements; provide guidance related to such changes.

Required Skills & Experience:

• Bachelor’s degree: Cybersecurity, Information Technology, Risk Management, or related field
• One or more professional certifications: CISA, CISSP, CRISC, CISM, CGEIT, or equivalent
• 7+ years in a Cybersecurity, GRC, or IT Risk Management role, with at least 3 years in a program management capacity
• One or more professional certifications: CISSP, CISA, CRISC, PCI QSA, CISM, or equivalent
• Effective communication, presentation, interpersonal relationship building, and business acumen
• Strong understanding and application of risk management frameworks and security/regulatory control frameworks including SOX, PCI-DSS, GDPR, NIST 800-53, NIST CSF, NIST RMF, NIS2 and similar frameworks
• Proven ability to manage complex large-scale projects
• Strong leadership, problem-solving, and decision-making abilities.
• Attention to detail and ability to work independently and collaboratively
• Ability to remove obstacles, enforce compliance objectives, and drive stakeholders to ensure timely delivery of GRC services
• Ability to manage competing priorities and comfortable to work through ambiguity

Desired Skills / Certs:

• Experience in a hybrid/cloud infrastructure environment with complex regulatory requirements
• Experience with GRC tools and platforms
• Familiarity with project management practices and techniques
• Experience working in a matrixed cross-functional environment within a service organization
• Experience in a client-facing role
• Graduate Degree Preferred

About NTT DATA

NTT DATA is a $30 billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long term success. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure and connectivity. We are one of the leading providers of digital and AI infrastructure in the world. NTT DATA is a part of NTT Group, which invests over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. Visit us at us.nttdata.com

NTT DATA endeavors to make https://us.nttdata.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at https://us.nttdata.com/en/contact-us. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please click here. If you'd like more information on your EEO rights under the law, please click here. For Pay Transparency information, please click here.