Security Consultant

At NTT we believe that by using innovative technology we can solve global challenges and create a world that is sustainable and secure. We are looking for curious people, from diverse backgrounds, that are keen to work in a fast-paced and agile environment.

At NTT we trust our employees to do the right thing, even when no one is watching, which is why we offer flexibility in the workplace. The majority of our roles are hybrid, meaning we encourage a balance of working from home and our local office. Ask our recruitment team if this is a hybrid role.

**Want to be a part of our team?**

**Working at NTT**

**Key Roles and Responsibilities**:
As a Security Consultant in APAC Security Consulting practice of NTT Ltd.’s Security business, this role will execute and lead client engagements focusing on the delivering and management of Cybersecurity consulting practice work for India and wider APAC region. This position would be having following key responsibilities:

- Deliver and lead Threat & Vulnerability Assurance (TVA) security consulting projects covering the following key areas:

- Infrastructure and Web vulnerability assessment and penetration testing
- Technical security configuration assessments
- Application security assessments
- Cloud Security configuration reviews
- Network security architecture reviews
- Phishing assessments
- Red Teaming exercises
- Support security consulting pre-sales work (e.g. writing SoWs, proposals etc.)
- Be flexible to acquire new skills and show willingness in learning/re-learning and un-learning things as needed for the success of this role and the overall security consulting practice
- Demonstrate strong skills in analysing customer business processes and technical environments
- Provide consultancy advices to client in closing technology control gaps / vulnerabilities in a practical way
- Demonstrate commitment to delivering projects within time and in budget and to a high level of customer satisfaction
- Be able to liaise and work closely with clients across multiple consulting TVA projects and handle stakeholder expectations
- Actively participate in knowledge sharing with all team members
- Keep all records complete and up-to-date, ensuring team leader/members are kept informed on progress
- Aid the practice in developing/maintaining its processes, methodologies and procedures

**Knowledge, Skills and Attributes**:

- Penetration testing domain certifications such as CEH/CREST CPT/CCT Web App/CCT Infrastructure, OSCP/OSCE/OSWE
- Other information security and audit certifications are preferred but not required, such as CISA/CISM/CRISC/CISSP
- Experienced in supporting consulting pre-sales work (e.g. writing SoWs, proposals etc.)
- Demonstrate excellent skills in structured problem solving techniques, creativity and intelligence in the development of solutions to customer problems
- Be self-motivated and self-disciplined with a demonstrable and successful track record in delivering consultancy projects to all sizes of organizations
- Must have good presentation skills with the ability to present to audiences of both business and IT stakeholders
- Must have good written communication and report writing skills
- Must be a good team player
- Demonstrates commitment to delivering projects within time and in budget and to a high level of client satisfaction
- Strong understanding of information technology and information security
- Solid understanding of security risks and preventative controls
- Service consulting aptitude, focusing on the business, service and sales aspects
- Excellent verbal and written communication skills
- Maintain up-to-date knowledge of security threats, countermeasures, security tools, and network technologies
- High level of drive and ability to work under pressure
- Ability to build and maintain cross-functional relationships with a variety of stakeholders

**Required Experience**:

- Possess at least 7 years of working experience related to information security consulting with a minimum of 5 years of hands-on experiences on TVA practice areas.
- Required degree level education, or significant experience and track record with tertiary qualifications on relevant domains, including computer science, computer engineering and information security
- Penetration testing domain certifications such as CEH/CREST CPT/CCT Web App/CCT Infrastructure, OSCP/OSCE/OSWE
- Other information security and audit certifications are preferred but not required, such as CISA/CISM/CRISC/CISSP

**What will make you a good fit for the role?**

**Equal opportunity employer**

NTT is proud to be an equal opportunity employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, color, sex, religion, national origin, disability, pregnancy, marital status, sexual orientation, gender reassignment, veteran status, or other protected category.