Information Security Specialist

NTT is a leading global IT solutions and services organisation that brings together people, data and things to create a better and more sustainable future.

In today’s ‘iNTTerconnected’ world, connections matter more now than ever. By bringing together talented people, world-class technology partners and emerging innovators, we help our clients solve some of the world’s most significant technological, business and societal challenges.

With people at the heart of our success, NTT is committed to attracting and growing the best talent and providing an environment where everyone feels they can belong and their contribution matters.

**Want to be a part of our team?**
- Support the regional Global Data Centers (“GDC”) organisation’s Info Security and Business Continuity governance, risk management, compliance, internal audit, external audits & certification management activity across the APAC GDC countries.
- Support the Director of GRC & GDC APAC Management in the implementation, maintenance, monitoring & reporting of the Global Data Center organisation’s Info Security and Business Continuity management systems and activities across APAC countries.
- Support, maintain and monitor all relevant data center certifications & external audits (Example: ISO27001, PCIDSS etc) across APAC GDC countries.
- Coordinates, develops, monitors, and implements emergency preparation plans with organization leadership or their designees; providing response, recovery, and tactical plans to resume business operations following a business interruption, cyber-risk exposure, or disaster.
- Analyzes company-wide initiatives/contingency plans to ensure the stability of critical business functions and enterprise systems within a specific time frame and to minimize loss and financial risk.

**Working at NTT**

**Information Security Governance Risk Compliance**
- Support implementation, maintenance & administration of the Global Data Centers’ Information Security governance, risk, compliance, & info security management systems & standards, policies and procedures across the APAC region
- Perform Information Security Risk management including risk assessment, monitoring, review, consolidation and reporting.
- Lead Information Security Incident management & reporting within the region
- Support regular InfoSec key metrics monitoring, consolidation and management reporting
- Keep up-to-date with the development in local regulations or standards and assess the impact of such changes within the industry.
- Support APAC region Global Data Center business units to effectively establish and maintain a framework of governance and risk controls, policies and compliance processes to manage risk across the organisation.
- Identify and highlight critical risk & compliance areas where immediate action is needed
- To promote and improve the understanding of company compliance policies and proactively advocate and foster a strong compliance culture and awareness through training and internal promotion.
- Conduct investigation, inspection, and audit activities to ensure compliance to company policies and procedures, to investigate alleged violations where required.
- Plan, promote, and organise training activities related to GRC matters.
- Support & participate in various cross-scope GRC, ISMS, audit activities and projects.

**Info Security Internal Audits**
- Conduct Info security / BCM internal audits to review and evaluate the adequacy, effectiveness and efficiency of the organisation’s risk management, internal controls & governance processes, policies & procedures; and recommend corrective actions to improve operations, enhance internal controls and reduce controls risk and costs where possible.
- Support cross scope internal audit engagements (IT & non-IT) and compliance review/investigations.

**Business Continuity Management**
- Support developing, maintenance, testing, and documentation of business continuity policy and plans; identify and test recovery strategies; address and mitigate gaps that impact business continuity and recovery.
- Develop and maintain documentation pertaining to business continuity policies, procedures and standards within the relevant framework.
- Develop and document tactical business continuity and disaster recovery plans.
- Develop and implement disaster recovery test plans.
- Works with line management to design and test Business Continuity & Disaster Recovery Plans (BCP/DRP).
- Disseminates recovery strategies and continuity policies/procedures across assigned organizations.
- May act as point-person for response to events during a crisis.
- Supports initiatives preparing the organization to react effectively to business disruption caused by unforeseen circumstances.
- Perform ongoing risk analysis of existing disaster recovery plans and provide feedback and recommend risk mitigation and service improvement.
- Carry out ongoing validation of operational compliance with existing disaster recover