Information Security Manager (ISM) - Remote US
Indexed description
NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.
We are currently seeking a Information Security Manager (ISM) - Remote US to join our team in Irving, Texas (US-TX), United States (US).
The Information Security Manager (ISM) serves as the primary information security advisor and trusted partner for assigned customer accounts. This individual contributor role is responsible for overseeing and coordinating information security services delivered by NTT DATA, ensuring alignment with customer business objectives, security policies, contractual obligations, and regulatory compliance requirements.
The ISM collaborates closely with customer leadership, technical teams, and service delivery organizations to proactively identify security risks, recommend appropriate mitigation strategies, and drive continuous improvement of the customer’s security posture.
A key focus of this role is the leadership and advancement of the Threat and Vulnerability Management Program, including vulnerability identification, risk-based prioritization, remediation governance, reporting, and enterprise coordination across internal and third-party stakeholders.
The responsibilities of the ISM include:
- Ensure the delivery of information security services to the customer follows the contract and any applicable standards and regulatory requirements (e.g., PCI, SOX)
- Collaborate with the client in the definition and implementation of information security policies, strategies, procedures and configurations to ensure confidentiality, integrity and availability of client’s environment and data
- Participate with the customer in the strategic design process to translate security and business requirements into processes and systems
- Evaluate new / emerging security products and technologies and make recommendations to customer leadership about the security posture impact on the organization
- Identify, review and recommend information security improvements as they relate to the achievement of the customer’s business goals and objectives
- Manage and drive remediation efforts related to information security; remediation may be from incidents, penetration tests, vulnerability scans, internal/external audits and Critical Practice assessments
- Identify information security weaknesses and/or gaps in the customer’s current operations and work with the customer to bring information security operations up to standards
- Participate and represent IT Security in Delivery/Operational meetings; conduct an information security operational review meeting with account (e.g., Customer Delivery Executive) and customer (e.g., CISO) key stakeholders with topics including information security status and performance
- Review service management reports to ensure tickets (i.e., incidents, problems, requests, changes) related to information security, are being acknowledged, worked and Service Level Agreements are being met; provide direction on ticket remediation and ensure remediation is complete
- Conduct an ongoing security awareness program for NTT DATA personnel supporting the customer ensuring individuals understand and are compliant with the relevant information security obligations in support of the customer; program should address relevant security topics and adequately provide guidance on security policies and supporting documentation
- Cultivate trusted partner relationships with account and customer; keep consistent and open dialogue to uncover issues, challenges, risks
- Maintain an information security strategy (forward looking roadmap), for your customer, aligning services / portfolio components to the strategy
- The role will be responsible for assessing the security vulnerabilities & threats identified by the infrastructure scan. This person will work with appropriate teams across the businesses and associated 3rd parties to ensure appropriate remediation plans are defined and implemented.
- Maintaining appropriate documentation that defines the Threat & Vulnerability Management Program, Policy and Procedures.
- 8+ years of experience in Information Security, Cybersecurity, Risk Management, Security Operations, or related disciplines.
- 5+ years of experience managing or leading vulnerability management, threat management, security governance, or risk remediation programs.
- Experience supporting enterprise-scale environments and customer-facing security engagements.
- Experience coordinating remediation activities across multiple technical teams and business stakeholders.
- Strong knowledge of vulnerability management methodologies, frameworks, and best practices.
- Experience with vulnerability assessment and scanning tools such as:
- Tenable/Nessus
- Qualys
- Rapid7 InsightVM
- Microsoft Defender Vulnerability Management
- Understanding of security controls across:
- Infrastructure
- Network
- Cloud platforms
- Endpoints
- Identity and Access Management
- Applications
- Knowledge of security frameworks and regulatory requirements such as:
- NIST
- CIS Controls
- ISO 27001
- PCI-DSS
- SOX
- Experience supporting managed security services or large enterprise outsourcing engagements.
- Experience working directly with CISOs and senior executive stakeholders.
- Experience with cloud security platforms including Azure, AWS, and Google Cloud.
- Knowledge of threat intelligence, attack surface management, and security architecture principles.
- Familiarity with ServiceNow, Archer, Jira, or other governance and remediation tracking tools.
- Experience developing vulnerability management metrics, KPIs, and executive dashboards.
- Experience supporting audits and compliance assessments in highly regulated environments.
- Knowledge of security automation and orchestration practices.
- Strategic thinker with a proactive risk management mindset.
- Ability to build trusted customer relationships and influence decision-making.
- Strong facilitation and cross-functional collaboration skills.
- Continuous improvement orientation focused on measurable security outcomes.
- Strong analytical and risk assessment capabilities.
- Excellent verbal, written, and executive presentation skills.
- Ability to influence stakeholders and drive remediation efforts without direct authority.
- Strong customer relationship management and consulting skills.
- Proven ability to manage competing priorities in a fast-paced environment.
- Bachelor's degree in Information Security, Cybersecurity, Computer Science, Information Technology, or a related field.
- Equivalent combination of education and relevant experience may be considered.
- CISSP (Certified Information Systems Security Professional)
- CISM (Certified Information Security Manager)
- CRISC (Certified in Risk and Information Systems Control)
- GIAC Certifications (GSEC, GCIH, GPEN)
- Security+
- Certified Ethical Hacker (CEH)
Whenever possible, we hire locally to NTT DATA offices or client sites. This ensures we can provide timely and effective support tailored to each client’s needs. While many positions offer remote or hybrid work options, these arrangements are subject to change based on client requirements. For employees near an NTT DATA office or client site, in-office attendance may be required for meetings or events, depending on business needs. At NTT DATA, we are committed to staying flexible and meeting the evolving needs of both our clients and employees. NTT DATA recruiters will never ask for payment or banking information and will only use @nttdata.com and @talent.nttdataservices.com email addresses. If you are requested to provide payment or disclose banking information, please submit a contact us form, https://us.nttdata.com/en/contact-us.
NTT DATA endeavors to make https://us.nttdata.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at https://us.nttdata.com/en/contact-us. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please click here. If you'd like more information on your EEO rights under the law, please click here. For Pay Transparency information, please click here.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search