Director - Information Security, APAC and India

We want to shape the future with vision and innovation. Be part of it and develop your full potential

As part of the global NTT DATA Group, one of the most successful IT service providers in the world, we specialize in value-added SAP solutions as NTT DATA Business Solutions. With over 12,000 employees in more than 30 countries, we design, implement, and develop custom-fit SAP solutions for our global customers.

Would you like to take the next step in your career and be part of our highly qualified team?

Job Title: Director - Information Security, APAC and India

Experience: 14 + Years

Job Location: Hyderabad

Mode of Work: Work from Office

Job Summary:

Director - Information Security is responsible for establishing, implementing, and maintaining the organizations information security vision, strategy, and governance framework in alignment with NTT Groups Information Security Policy and Security Control Standards.

The CISO will lead enterprise-wide initiatives to ensure information assets, infrastructure, and systems are adequately protected, while fostering a culture of cybersecurity awareness and resilience.

Key Responsibilities:

• Develop and implement information security strategies and policies aligned with business objectives and NTT Group risk appetite.
• Execute information security initiatives in accordance with approved policies and strategic directives.
• Promote and nurture a security-first culture across all levels of the organization.
• Define and monitor performance indicators for security management programs.
• Report to executive management on current security posture, challenges, and areas of improvement.
• Escalate and alert leadership on potential internal and external security risks.
• Assess and benchmark the maturity and effectiveness of implemented security controls.
• Define corrective and preventive action plans, aligned with executive-approved priorities.
• Provide expert counsel to executives and the Board on strategic and operational security issues.
• Represent the organization in audits, regulatory discussions, and NTT Group security forums.

• Share and collaborate on threat intelligence with other NTT Group entities.

• Governance, Compliance & Risk:

• Ensure compliance with NTT Group Information Security Policy, Security Control Standards, and all relevant legal, regulatory, and contractual obligations.

• Develop and maintain internal Information Security Regulations and frameworks.
• Drive cross-functional security collaboration with Legal, HR, Audit, Privacy, and Operations.
• Oversee risk assessments and maintain an enterprise-wide Risk Management Framework in line with CRISC or ISO 31000 standards.

• Manage enterprise risk posture through periodic reviews and mitigation strategies.

• Security Operations:

• Establish and lead the Information Security Management Team responsible for classification, risk analysis, supplier security, audits, and business continuity.

• Ensure organizational readiness for threat detection, incident response, and recovery.
• Oversee the BCP (Business Continuity Planning) and DR (Disaster Recovery) programs — ensuring end-to-end resilience, regular testing, and continual improvement.

• Conduct periodic security drills and simulations to validate the effectiveness of incident response and recovery processes.

• Awareness, Education & Culture:

• Design and implement information security awareness programs for all employees and contractors.

• Foster a proactive and responsible security mindset across the enterprise.

• Audit & Continuous Improvement

• Partner with internal and external audit teams to evaluate and improve information security practices.

• Implement corrective actions to address audit observations and ensure ongoing compliance.
• Report security performance metrics and compliance status to executive management.

5. Required Skillset & Qualifications

Educational Qualification

• Bachelor's or Master's degree in Computer Science, Information Technology, Cybersecurity, or a related discipline.
• 14+Years of progressive experience in Information Security, with at least 3–5 years in a leadership capacity.

Technical & Functional Expertise

• Strong understanding of IT infrastructure, network security, application security, and enterprise cybersecurity frameworks.
• Proven experience in risk management, governance, compliance, and incident response.
• Ability to establish, manage, and evolve security strategies across large-scale organizations.

Certifications (Mandatory / Preferred)

• CCISO – Certified Chief Information Security Officer (EC-Council)
• CISSP – Certified Information Systems Security Professional (ISC)
• CISM – Certified Information Security Manager (ISACA)
• ISO 27001:2022 Lead Auditor / Lead Implementer or CISA – Certified Information Systems Auditor
• CRISC – Certified in Risk and Information Systems Control or ISO 31000 Certification
• Should possess strong knowledge of risk management frameworks and enterprise risk governance.
• Demonstrated expertise in BCP (Business Continuity Planning) and DR (Disaster Recovery) program management.

Behavioural & Leadership Competencies

• Strategic thinker with strong analytical and problem-solving abilities.
• Excellent communication and presentation skills — capable of translating technical risks into business context.
• Proven stakeholder management and board-level advisory capability.
• Strong leadership presence with the ability to influence, engage, and inspire cross-functional teams.

Reporting & Governance Structure

• The CISO will report to the Executive Leadership / CIO / CEO.
• The role will interface closely with Global and Regional NTT Group Security Teams.
• Responsible for periodic reporting on organizational security posture, audit outcomes, and compliance maturity to executive management and regulators.

6. Key Outcomes & Success Metrics

• Full compliance with NTT Group and regulatory security frameworks.
• Maturity uplift in enterprise risk and security posture.
• Zero major audit non-conformities or unmitigated high-risk findings.
• Effective implementation and periodic validation of BCP/DR frameworks.
• Increased organization-wide security awareness and accountability.

Get empowered by NTT DATA Business Solutions

• Are you the person we're looking for? If yes, we look forward to receiving your application for this vacancy.
  
  Write to