Security Engineer focused on enhancing cloud security at Ramp, ensuring safe management of financial data. Collaborating with cross - functional teams to remediate security issues and deploy secure solutions.
About the role
- Senior Security Auditor managing audit program operations for global security audits at NTT DATA. Focusing on coordinating, executing audits, producing reports and tracking remediation.
Responsibilities
- Provide senior-level audit program operations and security assurance support for a global security audit program
- Own day-to-day operations of the global supply chain security audit program, ensuring overall quality control and adherence to customer requirements
- Maintain and continuously update the audit calendar; coordinate scheduling with internal stakeholders and third‑party partner sites (e.g., contract manufacturers)
- Plan and execute on-site or virtual audits as required; manage audit logistics, evidence requests, meeting agendas, and pre-audit readiness activities
- Assess partner-site network topology and configuration against defined security requirements; document gaps, risks, and recommendations
- Produce high-quality audit reports, including findings, severity/risk rationale, and Corrective Action Plans (CAP) where applicable
- Review submitted audit results (from internal/partner contributors) for accuracy, completeness, and quality; drive rework where needed
- Track remediation actions and open items; coordinate with audit teams and partner-site IT teams to drive timely closure of security gaps and remediation bugs
- Conduct supply-chain related data security risk assessments and provide written reports with mitigation recommendations; may include mock ISMS/ISO 27001 readiness audits
- Support planning and coordination for new security implementations (e.g., kick-off coordination, golden image rollouts, authentication updates) by aligning stakeholders, timelines, and required actions
- Develop slide decks and support kick-off and executive update presentations for partner sites and program stakeholders
- Provide light security operations coordination support (e.g., triage and reassignment of EDR detection tickets to partner sites; follow up on remediation status)
- Deliver regular operational reporting (weekly/monthly/quarterly and as required) including progress updates, current status, KPIs, insights, and analysis
- Prepare operational forecasts (weekly/monthly/quarterly/bi-annual/annual) with assumptions and risk/opportunity assessments
- Serve as a country or site lead point of contact when assigned; manage stakeholder communications and escalation paths effectively
- Maintain strict confidentiality of customer and site information; adhere to customer and site IT policies and procedures
Requirements
- 6–10+ years of experience in security auditing, security assurance, GRC, or security assessments
- Experience with third‑party/vendor or supply-chain audits is highly preferred
- Demonstrated experience running audit program operations: scheduling, readiness, evidence management, reporting, CAP creation, and remediation tracking to closure
- Working knowledge of ISO/IEC 27001 (ISMS) and common security control domains; ability to perform readiness reviews and control mapping
- Solid understanding of enterprise networks and security fundamentals to review network topology/configuration and identify control gaps
- Strong stakeholder management and communication skills; able to engage with cross-functional internal teams and partner-site IT teams across geographies
- Excellent written English skills with proven ability to produce structured audit reports, executive summaries, KPIs, and forecasts
- Comfortable working across time zones and managing multiple sites/workstreams; highly organized and detail-oriented
- Willingness and ability to travel domestically and internationally as required
- Preferred Certifications: CISA, CISSP, ISO/IEC 27001 Lead Auditor/Lead Implementer (or equivalent)
Benefits
- Opportunity to make an impact with NTT DATA
- Technical excellence and leading innovations
- Diverse and inclusive workplace
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Location requirements
Senior Information Security Analyst at Banco ABC Brasil securing digital assets and ensuring compliance with industry standards. Collaborating with teams to enhance cybersecurity measures and manage incidents.
Sales Enablement Manager at Upwind Security crafting compelling narratives for technical audiences. Collaborating across teams to enhance market readiness and impact through influential content.
Talent Acquisition Partner owning recruitment cycles and enhancing Upwind's culture through AI - driven strategies in a fast - growing startup. Proactively sourcing global Go - To - Market roles while partnering closely with hiring managers.
Principal Associate in Capital One’s Cyber Division managing Information Security for Financial Services. Supporting stakeholders with analysis, reporting, and execution of cyber initiatives within the FS ISO Command Center.
IT Security Expert developing and maintaining a scalable hybrid multicloud network architecture across multiple European locations. Managing security and connectivity solutions in Azure and AWS environments.
Senior Information Governance Security Consultant at Civica improving information governance and cyber security for public and private sector clients. Leading security engagements and consultancy for resilience, compliance, and risk management.
Associate Manager in Accenture's Global Protection & Security Team for Central Europe. Advising on physical safety, crisis management, and threat analyses in a dynamic, international environment.
Manager of IS Architecture & Compliance supporting security and compliance initiatives at Connecticut Children's health system. Partnering with teams to implement controls and assess risks across IT and business functions.
Cybersecurity Learning Specialist at Avaron developing digital learning solutions to promote secure behaviors across a global cybersecurity organization. Focusing on pedagogical methods for effective learning experiences.