Cloud Security & IAM Senior Specialist Hybrid Texas

Req ID: 374091 

NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.

We are currently seeking a Cloud Security & IAM Senior Specialist Hybrid Texas to join our team in Plano, Texas (US-TX), United States (US).

The NTT DATA Cloud Security & IAM Senior Specialist works closely with the Information Security Manager (ISM) to ensure the seamless delivery of all information security services that NTT DATA provides to the customer.  

Role Responsibilities

• Identify and continually review and recommend cloud security leading practices Obtain and review industry-recognized periodical bulletins regarding cloud security
• Utilize native cloud security solutions or third-party solutions (e.g. CSPM, CNAPP, CIEM, CASB) to secure the cloud environment and individual applications
• Utilize native cloud SIEM or integrate cloud monitoring events into SIEM or other operational solution 
• Monitor cloud network security based on best-practice and recommended standards and Customer’s security standards,
• Support and maintain familiarity with modern cloud network architectures, such as Software Defined Networking (SDN), virtual private clouds such as Virtual Subnets (VNETs), and Security Groups where needed
• Maintain virtual private cloud network segregation (i.e., the separation of the VNETs, VPCs, and subnets for production and non-production )
• Monitor cloud VPN gateway; ensure any external connections to the environment utilize secure connectivity methods (such as IPSEC Tunnels); and disablement or blocking any unnecessary or unapproved ports and protocols for cloud workloads;
• Manage multi-factor authentication used for resource access to the cloud console and management network
• Monitor firewall/security group Configurations
• Detect and ensure cloud hosted data I  encrypted as required
• Monitor the security posture of the cloud supplier’s DNS / routing configurations and cloud resources
• Continuously assess cloud network configurations against regulatory and organizational standards (e.g., CIS, NIST) and generate automated audit-ready reports.
• Monitor and secure administrative level and root account privileges through following recommended best practices, such as:
  • enabling and enforcing multi-factor authentication; and
  • support and assist with AD integration, enable and support Azure role-based access control (RBAC), as well as conditional access with privileged accounts (attribute-based access control or context-based access control)
  •  adhere to cloud best practice standards and procedures for access key management, rotation, and secure storage
  • ensure cloud-hosted resources have appropriate security rules and standards for only necessary ports and protocols
  • manage and administer the cloud environment role provisioning and de-provisioning based on least-privilege and need-to-know principles.
• Cloud Account Management - Create, modify, delete Accounts; associate and de-associate Cloud Services Resources within defined Tenants; collect and validate all Asset information for
• Customer Cloud Accounts; utilize Public Cloud Services to manage & maintain account standardization and compliance throughout the lifecycle of an Account; and
• Cloud Services Identity and Access Management (IAM) - Management of Identity and Access Management to grant End Users the right to use a service and deny access to unauthorized users.
• Grant End Users the right to use a service and deny access to unauthorized users;
• Define, implement and operate access management protocols, tools and processes that enable access rights and identities to be established, controlled, authorized, administered, reported and audited in adherence with the Identity Management Policy standards;
• Develop and best practices and implement including -Least Privilege Access, Strong Authentication Mechanisms, Role-Based Access Control (RBAC) ,etc
• Develop policies on privacy protection and protective security for access to data, including security, data and records management, and electronic records and data 
• Conduct periodic access reviews, detect procedure violations, and generate audit-ready reports (for regulatory standards like ISO 27001, SOC 2, and GDPR.)
• User Management - Control User access to cloud resources by users for maintaining system security and the prevention of unauthorized use. Implement strong authentication methods, monitoring user activities, and ensuring compliance with security policies and regulatory requirements. 
• Cloud VM and Storage Security - Monitor VM and storage encryption security requirements;  provide, monitor and oversee OS, container, and workload instances to ensure hardening of workloads to comply with the CIS level 1 security standard that complies; monitor resiliency and recovery of cloud workloads to ensure sound backup management, scheduling, retention management

• Cloud Security Posture Management - Manage cloud security posture management platform and capabilities. Responsibilities include: 
  • Support the administration of the CSPM platform, which includes access control, Software updates, and working with the vendor on platform support
  • manage and monitor vulnerability detection of cloud workloads and services, this includes both CVE registered vulnerabilities and security misconfigurations detected by the tool
  • assist with prioritization, escalation, and management of Alerts and detections from the tool
  • Integrate with Security Operations Centre and SIEM platform
  • support and monitor the identity and entitlements management functionalities of the too
  • Integrate CSPM tool into SASE tool stack and cloud environment.

Basic Requirements:

• 6+ years of Cloud Security Experience

Additional Preferences:

• Knowledge of risk management concepts
• Knowledge of systems and network administration (i.e., desktop, server)
• Familiarity with information security technologies and issues on multiple platforms
• Knowledge of Globally Accepted Information Security Principles
• Knowledge of network security that pertains to communications, computer system environments and related infrastructure
• Knowledge of server and desktop configurations that will protect systems from unauthorized access and software invasion
• Preferred: CISSP, GIAC, SSCP or CEH

About NTT DATA

NTT DATA is a $30 billion business and technology services leader, serving 75% of the Fortune Global 100. We are committed to accelerating client success and positively impacting society through responsible innovation. We are one of the world's leading AI and digital infrastructure providers, with unmatched capabilities in enterprise-scale AI, cloud, security, connectivity, data centers and application services. our consulting and Industry solutions help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have experts in more than 50 countries. We also offer clients access to a robust ecosystem of innovation centers as well as established and start-up partners. NTT DATA is a part of NTT Group, which invests over $3 billion each year in R&D.

Whenever possible, we hire locally to NTT DATA offices or client sites. This ensures we can provide timely and effective support tailored to each client’s needs. While many positions offer remote or hybrid work options, these arrangements are subject to change based on client requirements. For employees near an NTT DATA office or client site, in-office attendance may be required for meetings or events, depending on business needs. At NTT DATA, we are committed to staying flexible and meeting the evolving needs of both our clients and employees. NTT DATA recruiters will never ask for payment or banking information and will only use @nttdata.com and @talent.nttdataservices.com email addresses. If you are requested to provide payment or disclose banking information, please submit a contact us form, https://us.nttdata.com/en/contact-us.

NTT DATA endeavors to make https://us.nttdata.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at https://us.nttdata.com/en/contact-us. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please click here. If you'd like more information on your EEO rights under the law, please click here. For Pay Transparency information, please click here.