Information Security Manager (ISM) - Remote US

NTT DATA Corporation
Irving, United States of America
3 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 226K

Job location

Remote
Irving, United States of America

Tech stack

Amazon Web Services (AWS)
Software System Penetration Testing
JIRA
Azure
Cloud Computing
Cloud Computing Security
Computer Security
Information Systems
Executive Information Systems
Identity and Access Management
Information Systems Security Architecture Professional
PCI Data Security Standards
Software Vulnerability Management
Google Cloud Platform
Cyber Threat Analysis
Information Technology
Tenable Nessus
Nessus
CIS Benchmarks
Qualys
Security Orchestration, Automation & Response
ServiceNow
Vulnerability Analysis

Job description

The Information Security Manager (ISM) serves as the primary information security advisor and trusted partner for assigned customer accounts. This individual contributor role is responsible for overseeing and coordinating information security services delivered by NTT DATA, ensuring alignment with customer business objectives, security policies, contractual obligations, and regulatory compliance requirements.

The ISM collaborates closely with customer leadership, technical teams, and service delivery organizations to proactively identify security risks, recommend appropriate mitigation strategies, and drive continuous improvement of the customer's security posture.

A key focus of this role is the leadership and advancement of the Threat and Vulnerability Management Program, including vulnerability identification, risk-based prioritization, remediation governance, reporting, and enterprise coordination across internal and third-party stakeholders.

The responsibilities of the ISM include:

  • Ensure the delivery of information security services to the customer follows the contract and any applicable standards and regulatory requirements (e.g., PCI, SOX)
  • Collaborate with the client in the definition and implementation of information security policies, strategies, procedures and configurations to ensure confidentiality, integrity and availability of client's environment and data
  • Participate with the customer in the strategic design process to translate security and business requirements into processes and systems
  • Evaluate new / emerging security products and technologies and make recommendations to customer leadership about the security posture impact on the organization
  • Identify, review and recommend information security improvements as they relate to the achievement of the customer's business goals and objectives
  • Manage and drive remediation efforts related to information security; remediation may be from incidents, penetration tests, vulnerability scans, internal/external audits and Critical Practice assessments
  • Identify information security weaknesses and/or gaps in the customer's current operations and work with the customer to bring information security operations up to standards
  • Participate and represent IT Security in Delivery/Operational meetings; conduct an information security operational review meeting with account (e.g., Customer Delivery Executive) and customer (e.g., CISO) key stakeholders with topics including information security status and performance
  • Review service management reports to ensure tickets (i.e., incidents, problems, requests, changes) related to information security, are being acknowledged, worked and Service Level Agreements are being met; provide direction on ticket remediation and ensure remediation is complete
  • Conduct an ongoing security awareness program for NTT DATA personnel supporting the customer ensuring individuals understand and are compliant with the relevant information security obligations in support of the customer; program should address relevant security topics and adequately provide guidance on security policies and supporting documentation
  • Cultivate trusted partner relationships with account and customer; keep consistent and open dialogue to uncover issues, challenges, risks
  • Maintain an information security strategy (forward looking roadmap), for your customer, aligning services / portfolio components to the strategy
  • The role will be responsible for assessing the security vulnerabilities & threats identified by the infrastructure scan. This person will work with appropriate teams across the businesses and associated 3rd parties to ensure appropriate remediation plans are defined and implemented.
  • Maintaining appropriate documentation that defines the Threat & Vulnerability Management Program, Policy and Procedures.

Requirements

  • 8+ years of experience in Information Security, Cybersecurity, Risk Management, Security Operations, or related disciplines.
  • 5+ years of experience managing or leading vulnerability management, threat management, security governance, or risk remediation programs.
  • Experience supporting enterprise-scale environments and customer-facing security engagements.
  • Experience coordinating remediation activities across multiple technical teams and business stakeholders.

Technical Knowledge

  • Strong knowledge of vulnerability management methodologies, frameworks, and best practices.

  • Experience with vulnerability assessment and scanning tools such as:

  • Tenable/Nessus

  • Qualys

  • Rapid7 InsightVM

  • Microsoft Defender Vulnerability Management

Understanding of security controls across:

  • Infrastructure
  • Network
  • Cloud platforms
  • Endpoints
  • Identity and Access Management
  • Applications

Knowledge of security frameworks and regulatory requirements such as:

  • NIST
  • CIS Controls
  • ISO 27001
  • PCI-DSS
  • SOX, * Experience supporting managed security services or large enterprise outsourcing engagements.
  • Experience working directly with CISOs and senior executive stakeholders.
  • Experience with cloud security platforms including Azure, AWS, and Google Cloud.
  • Knowledge of threat intelligence, attack surface management, and security architecture principles.
  • Familiarity with ServiceNow, Archer, Jira, or other governance and remediation tracking tools.
  • Experience developing vulnerability management metrics, KPIs, and executive dashboards.
  • Experience supporting audits and compliance assessments in highly regulated environments.
  • Knowledge of security automation and orchestration practices.

Leadership Characteristics and Professional Skills

  • Strategic thinker with a proactive risk management mindset.
  • Ability to build trusted customer relationships and influence decision-making.
  • Strong facilitation and cross-functional collaboration skills.
  • Continuous improvement orientation focused on measurable security outcomes.
  • Strong analytical and risk assessment capabilities.
  • Excellent verbal, written, and executive presentation skills.
  • Ability to influence stakeholders and drive remediation efforts without direct authority.
  • Strong customer relationship management and consulting skills.
  • Proven ability to manage competing priorities in a fast-paced environment.

Education

  • Bachelor's degree in Information Security, Cybersecurity, Computer Science, Information Technology, or a related field.
  • Equivalent combination of education and relevant experience may be considered.

Certifications

  • CISSP (Certified Information Systems Security Professional)
  • CISM (Certified Information Security Manager)
  • CRISC (Certified in Risk and Information Systems Control)
  • GIAC Certifications (GSEC, GCIH, GPEN)
  • Security+
  • Certified Ethical Hacker (CEH)

Benefits & conditions

NTT DATA provides a reasonable range of compensation for U.S.-based positions. The starting pay range for this remote role is $116,000- $226,000. This range reflects the minimum and maximum target compensation for the position across all US locations. Actual compensation will depend on a number of factors, including the candidate's actual work location, relevant experience, technical skills, and other qualifications

NTT DATA provides a reasonable range of compensation for U.S.-based positions. The starting pay range for this role is [annual salary range or hourly range]. Actual compensation will depend on a number of factors, including the candidate's relevant experience, technical skills, and other qualifications.

This position may also be eligible for incentive compensation based on individual and/or company performance. If the position offered in temporary, the position will not be eligible for incentive compensation.

About the company

NTT DATA is a $30 billion business and technology services leader, serving 75% of the Fortune Global 100. We are committed to accelerating client success and positively impacting society through responsible innovation. We are one of the world's leading AI and digital infrastructure providers, with unmatched capabilities in enterprise-scale AI, cloud, security, connectivity, data centers and application services. our consulting and Industry solutions help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have experts in more than 50 countries. We also offer clients access to a robust ecosystem of innovation centers as well as established and start-up partners. NTT DATA is a part of NTT Group, which invests over $3 billion each year in R&D.

Apply for this position