Security Apps Lead

About the role

The Security Apps Lead at NTT DATA is responsible for operationally managing the organisation’s information‑security programme. Reporting to senior leadership, the role ensures that security strategies, frameworks and policies are implemented to protect digital assets and support risk‑free, scalable business operations.

Key responsibilities

• Provide operational management for the implementation of an organisation‑wide information‑security strategy aligned with business objectives.
• Maintain and enforce security policies, procedures, standards and guidelines in line with industry best practices and regulatory requirements.
• Coordinate identification, assessment and mitigation of security risks across data, systems, networks and third‑party relationships.
• Promote security awareness through training, education and regular communication.
• Execute incident‑response plans and communicate outcomes to stakeholders.
• Ensure compliance with relevant security regulations, laws and industry standards.
• Assess, select and implement appropriate security technologies and solutions.
• Deploy and manage security monitoring tools to detect threats and provide regular reports to senior leadership.
• Stay informed on emerging threats and industry trends to continuously improve the security posture.
• Coordinate internal and external security audits and assessments.
• Provide guidance and management to the information‑security team, ensuring adherence to policies and procedures.

Required profile

• Strong knowledge of security frameworks and standards such as ISO 27001, NIST and CIS.
• Solid understanding of security technologies, tools and best practices.
• Excellent communication and presentation skills, able to convey complex security concepts to non‑technical audiences.
• Developing team‑management capabilities to lead and motivate a diverse security team.
• Problem‑solving orientation with a focus on delivering results.
• Good business acumen.

Required skills

• ISO 27001
• NIST framework
• CIS controls
• Security monitoring tools
• Incident‑response processes
• Security audit and assessment methodologies
• Security technology evaluation and implementation