Lead Security Consultant, NTT DATA

• You will need to have a broad experience of security architecture and have evidence of experience in a number of the following fields of expertise:
• 7+ years' varied experience in information security, data protection, and security architecture roles, with a focus on cloud security, and compliance
• Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53 / CSF, NIS/NIS2, DORA, UK CNI / OT / IIOT compliance
• Hands-on experience building credibility with external stakeholders through technical presentations, audits, or compliance reporting, including enterprise clients, critical system vendors, certification auditors and regulatory bodies
• Proven ability to technically guide and mentor teams, as well as influence and collaborate with senior stakeholders in a similar architecture, security, or risk management role
• A hands-on approach with the ability to balance project level strategic oversight with direct involvement in security tasks
• Excellent communication skills, with the ability to present complex information clearly and effectively to non-technical stakeholders
• Strong attention to detail and the ability to deliver high quality work
• Experience in presales activities, including contributing to proposals, estimating effort, and presenting solutions
• Experience in supporting bid management processes, providing technical input and risk assessments
• A valid right to work in the UK
• Eligible to obtain UK SC clearance
• CISA, CRISC, CISM or CISSP certification a must

• Translate business, data protection and security requirements into practical and well-structured architectural designs, utilizing industry best practices and security frameworks (e.g., NIST, ISO 27001, CIS)
• Develop and maintain secure architectural patterns and standards, with a solid working knowledge of cloud security (AWS, Azure, GCP)
• Apply risk-based and threat-based approaches to evaluate and recommend appropriate and proportionate security technologies and solutions (e.g., SIEM, IAM, CASB, container security)
• Outline key security components, interfaces, and dependencies. Develop architectural diagrams and overviews. Document security design principles and provide rationale
• Ensure designs align with business objectives, security policies, and industry best practices, with a focus on cloud-native security considerations
• Conduct comprehensive risk assessments and threat modelling, providing detailed analysis and actionable recommendations
• Advises clients on risk mitigation strategies and security best practices, and support the implementation of those strategies, contributing to measurable improvements
• Support security incident response and investigations, contributing to thorough post-incident reviews and identifying areas for improvement
• Provide expert guidance to clients on secure architecture and risk management, participating in technical discussions with stakeholders
• Engage with stakeholders to contribute to informed security decisions and communicate complex security concepts effectively
• Deliver clear presentations and reports to technical and non-technical audiences and provide technical guidance to project teams
• Collaborate with developers, IT operations, and other security team members to ensure effective security integration throughout the SDLC
• Advise on the development and implementation of security policies, standards, and procedures, and support their enforcement, including cloud-specific policies
• Conduct security compliance assessments and audits, and assist in addressing any gaps, providing recommendations for remediation
• Support alignment with relevant security frameworks and regulations, identifying potential compliance issues and contributing to mitigation strategies
• Conducts security architecture reviews and perform security assessments, including vulnerability scanning, configuration reviews, and cloud security posture assessments, identifying vulnerabilities and recommending detailed remediation strategies
• Contribute to the development of security architecture roadmaps and strategic plans, and support their implementation, with a focus on continuous improvement
• Evaluate and recommend appropriate security technologies and solutions and support the deployment and integration of those technologies
• Provide guidance on the implementation of security controls and best practices and support the maintenance and optimization of those controls
• Stay updated with emerging threats and technologies, and research and recommend new security solutions
• Contribute to the development of proposals and statements of work, including defining the scope, approach, and deliverables
• Estimate effort, costs, and timelines for security solutions, considering various factors and constraints
• Present security solutions and architectures to potential clients, effectively communicating their value and benefits
• Support the bid management process by providing technical input, risk assessments, and compliance considerations

• A people focused business
• Excellent opportunities to grow your career, including an online training platform with 3000+ courses, accessible from everywhere, to sharpen your skills
• A varied client base

The changes brought on by digitisation have only accelerated in the past few decades, and large organisations have been struggling to keep up. Attracting future investment and ensuring growth is more than a matter of purchasing new tools, it involves a fundamental change in ways of working and company culture that few organisations have the expertise to achieve on their own. The UK and Ireland arm of NTT Data, a global digital transformation consultancy and services firm, exists to support businesses and government organisations through this seismic change.