Cloud Security Engineer

BSA (Business Support & Advisory) is an integral and global unit of the company oriented towards internal clients. Its team is a key part of the company's performance in three areas: operations, compliance and advisory. This area develops solutions aligned with the company's strategic objectives in order to be more efficient, productive and innovative. Thanks to its expert knowledge, it provides professional support and accompaniment in different areas (HR, Finance, Legal, IT, Real Estate & Workplace, Marketing, Procurement, Security & Privacy, among others) to advise the business on decision-making.

&First Choice

The Office of Information Security (OIS) is responsible for implementing the global security policies and standards globally within NTT DATA, Inc. Their area of responsibility covers both corporate and business areas. The OIS has a dedicated team which supports, controls, and advises I&T and business areas in security matters, ensuring the implementation of the security baseline in corporate environments, projects, services, products, and assets within NTT DATA.

As a Cloud Security Engineer, you will work closely with the global security team and coordinate with all other regional teams within NTT DATA Europe & LATAM. You will join the OIS team, working autonomously in a collaborative environment made up of experts in a range of security-related fields. You will apply a proactive approach to safeguarding our cloud infrastructure while aligning security strategies with overall business objectives. You will work closely with other leaders throughout the organization to ensure that the company is properly protected through appropriate security programs.

FUNCTIONS

In collaboration with your Business Information Security Officer, your main activities will be:

• Support for the integration of the global OIS framework.
• Act as a focal point and subject matter expert in cloud security with local corporate and business units, providing thought leadership to key stakeholders.
• Security Standards Compliance: Implement and ensure adherence to corporate security policies and frameworks such as NIST, CIS, ISO, and ENS.
• Cloud Security Advisory: Review that cloud security architectures align with organizational goals. Support hardening processes and assess asset update policies for the infrastructure. Oversee security protocols for cloud providers, primarily Azure and AWS. Evaluate and mitigate security risks associated with the entire cloud environment.
• Interact with technical teams: Direct relation with teams that serve as security champions across the organization to ensure policies low level application.
• Negotiate effectively with technical teams and BISOs at the sub-regional level.
• Engage with platform owners to discuss and resolve technical issues, presenting insights from a security perspective.
• Foster a culture of security awareness and best practices within technical teams
• Identify tools and processes needed to improve the cloud security maturity, moving towards a zero-trust posture.
• Promote sharing of expertise through consulting, presentation, and documentation.
• Report to and advise the Business Information Security Officer.
• Coordinate others experts within the team for a consolidate security posture assessment.
• Undertake additional duties as needed.

Experience: 5 years of experience in the information security field and the responsibilities described above.

Technical Skills:

• Have a bachelor's degree (Computer Science or similar degree) and higher education or equivalent professional experience.
• Strong technical knowledge of cloud security involving serverless infrastructures, Kubernetes, containers, WAF, encryption protocols, IAM integration, key managers, API management.
• Knowledge related to AWS and Azure NW Security.

Desirable but not required:

• Professional certifications including CCSP, CISSP, CISM, CISA, NSE, NIST, and PCNSE and/or other information security standards and best practices (e.g., ISO 27001, ISO 22301, ISO 27017, etc.).
• Experience with Identity providers (OKTA/Entra ID as highly valued).
• Experience with how other technologies intertwine with the Security ecosystem: Crowdstrike, Zscaler ZPA, Defender, Intune, Jamf, Cisco Secure endpoint, MS DLP, others.
• Knowledge of security standards and frameworks (such as NIST, CIS, ISO).
• Artificial intelligence applications and European regulation.
• Familiarity with security auditing processes and best practices.

Functional Skills:

• Outstanding customer orientation and negotiation skills, demonstrating, empathy, respect, professionalism, and expertise.
• Good interpersonal skills, including ability to lead, encourage and influence staff across the organization, decision-making and priority identifying.
• Excellent verbal and written communication skills.
• Critical thinking and composure under pressure.
• Goal oriented, team player, flexible and proactive.
• Proven history of working independently in a self-motivated manner.
• Proven experience in managing and developing a team of security professionals.

Languages:

• Fluent professional English proficiency (C1 or higher).
• Fluent professional proficiency (C1 or higher) in Spanish and/or other languages in the European perimeter will be valued.

At NTT Data, we believe everyone is unique and different, this is why we bet for an inclusive culture that recognizes and values diversity. We work day after day to create an environment in wich we can explore, live and enhance our own singularity.