Information Security Officer

Is innovation part of your DNA? Do you want to enable a connected future for people, organizations, and society?

Join our growing global NTT team and you’ll be part of the world’s largest ICT company (by revenue). We’ve combined the capabilities of 28 remarkable companies to become one, leading technology services provider. Together, we help our people, clients, and communities do great things with technology to create a more secure and connected future. We employ 40,000 people across 57 countries. By bringing together the world’s best technology companies and emerging innovators, we work together to deliver sustainable outcomes to businesses and the world. Innovation is part of our DNA. We believe it’s key to what makes us different. So, we strive to move forward, challenge the status quo, and drive excellence through the technologies we integrate and the services we deliver around the world. The result is connected cities, connected factories, connected healthcare, connected agriculture, connected conservation, connected mobility, and connected sport. Together we enable the connected future.

Want to be part of the team?

We are seeking an Information Security Officer to join our Australian regional team and take ownership ensuring our security posture across the business is compliant, meets regulatory and contractual obligations and is operationally aligned with the global objectives of Information Security Services.

As part of this role the person will be accountable for

  • ISMS regional alignment across all services and business functions
  • Ongoing development of the ISMS content and improvement upon ISMS processes and compliance status
  • Security architecture reviews of solution designs
  • Advisory to executives of NTT's security posture
  • Security incident response, incident detection and incident advisory
  • Gap analysis for security controls

Typical responsibilities include

  • Regional information security advocacy
  • Security risk management
  • Security program management
  • Information security system operations, Security systems analysis and Incident response
  • Vulnerability assessment and management
  • Digital forensics and Cyber security investigations

What would make you a good fit for this role?

Key Attributes

  • Deep level of expertise with industry compliance and standards - ISO2700x, PCI, NIST, HIPAA
  • Security tools and techniques such as SANS, OWASP
  • Well versed with security consulting, gap analysis and risk assessments
  • Demonstrated experience with ensuring an organisations alignment and compliance to ISMS
  • Ability to demonstrate very strong security architecture and technical capabilities and Security GRC consulting

Technical Attributes

  • IPS / IDS and Incident Response
  • Vulnerability, Risk and Penetration testing
  • Secure code reviews and code exploitation
  • Deep level of understanding of security vulnerabilities and exploitation techniques across Windows and Unix based systems
  • General security architecture abilities across Network, Firewalls, Compute, Cloud and Application security

Soft Skills

  • Ability to review and challenge technical documentation and security architecture
  • Well versed with C-Level discussions and communicating security postures in a non-technical manner
  • Ability to discuss and report technology and information security risk with non-technology and executive business stakeholders
  • Demostrated experience with mapping business needs to technology solutions
  • Consultative manner and approach
  • Ability to build and maintain relationships across an organisation