Information Security Consultant II

About NCR VOYIX

NCR VOYIX Corporation (NYSE: VYX) is a leading global provider of digital commerce solutions for the retail, restaurant and banking industries. NCR VOYIX is headquartered in Atlanta, Georgia, with approximately 16,000 employees in 35 countries across the globe. For nearly 140 years, we have been the global leader in consumer transaction technologies, turning everyday consumer interactions into meaningful moments. Today, NCR VOYIX transforms the stores, restaurants and digital banking experiences with cloud-based, platform-led SaaS and services capabilities.

Not only are we the leader in the market segments we serve and the technology we deliver, but we create exceptional consumer experiences in partnership with the world's leading retailers, restaurants and financial institutions. We leverage our expertise, R&D capabilities and unique platform to help navigate, simplify and run our customers' technology systems.

Our customers are at the center of everything we do. Our mission is to enable stores, restaurants and financial institutions to exceed their goals – from customer satisfaction to revenue growth, to operational excellence, to reduced costs and profit growth. Our solutions empower our customers to succeed in today's competitive landscape. 

Our unique perspective brings innovative, industry-leading tech to all the moving parts of business across industries. NCR VOYIX has earned the trust of businesses large and small — from the best-known brands around the world to your local favorite around the corner.

Information Security Consultant II

This role is part of NCR's Global Information Security team. This team is responsible for developing and implementing NCR's corporate information security program. The primary goal of the program is to protect the confidentiality, integrity, and availability of information resources. Key information security functions and activities include architecture and design for NCR information security controls, developing and enforcing policies and standards, security awareness training, risk management, assessment, and testing, monitoring and metrics, incident management, and threat and vulnerability management.

The Information Security Consultant shall be responsible for the day-to-day activities required to respond for both routine and high severity vulnerabilities and security incidents. The Information Security Consultant shall work in a collaborative manner with vulnerability coordinators, incident responders, key incident management team members, management, and other stakeholders to ensure vulnerabilities and security incidents are contained, eradicated, remediated and after-action review is held according to corporate policy.  The Information Security Consultant is expected to contribute to weekly status calls and respond to ad-hoc requests as part of this position. The Information Security Consultant will work with stakeholders and team members to assist with improving incident response processes that are aligned with the mission of the office of the CISO. The individual should be highly skilled, motivated and detail-oriented security professional to join our dynamic team. The ideal candidate will be responsible for leading and managing our Vulnerability Management program along with Incident Management, ensuring the protection of our organization's digital assets.

Key Responsibilities:

Vulnerability Management:

• Lead the design, implementation, and continuous improvement of the enterprise-wide vulnerability management program.
• External attack surface management and technical remediation
• Run Vulnerability red team exercises and simulation for risk prioritization
• Oversee vulnerability assessments, scanning, and remediation efforts across all systems, networks, and applications.
• Collaborate with IT, GTM and product SRE teams to prioritize and remediate vulnerabilities based on risk and business impact.
• Develop and maintain metrics and dashboards to track vulnerability trends and remediation progress.
• Ensure compliance with internal policies, industry standards, and regulatory requirements (e.g., ISO 27001, NIST, CIS).

Incident Management:

• Assist in the development and execution of the incident response plan and playbooks.
• Act as a key responder and advisor during cybersecurity incidents, ensuring timely containment, investigation, and recovery.
• Conduct post-incident reviews and root cause analyses to improve future response efforts.
• Provide guidance and training to internal teams on incident response best practices.

Skills and Qualifications

• Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• 10+ years of experience in cybersecurity, with a strong focus on vulnerability and incident management.
• Proven experience with vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7) and SIEM/SOAR platforms.
• Deep understanding of threat landscapes, attack vectors, and mitigation strategies.
• Strong knowledge of security frameworks and standards (e.g., NIST, MITRE ATT&CK, OWASP).
• Excellent analytical, communication, and leadership skills.

Preferred Certifications:

• CISSP, CISM, OSCP, CEH, or equivalent.
• GIAC certifications (e.g., GCIH, GCIA, GPEN) are a plus.

Offers of employment are conditional upon passage of screening criteria applicable to the job

EEO Statement

Integrated into our shared values is NCR Voyix's commitment to diversity and equal employment opportunity.  All qualified applicants will receive consideration for employment without regard to sex, age, race, color, creed, religion, national origin, disability, sexual orientation, gender identity, veteran status, military service, genetic information, or any other characteristic or conduct protected by law.  NCR Voyix is committed to being a globally inclusive company where all people are treated fairly, recognized for their individuality, promoted based on performance and encouraged to strive to reach their full potential.  We believe in understanding and respecting differences among all people.  Every individual at NCR Voyix has an ongoing responsibility to respect and support a globally diverse environment.

Statement to Third Party Agencies
To ALL recruitment agencies: NCR Voyix only accepts resumes from agencies on the preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR Voyix employees, or any NCR Voyix facility. NCR Voyix is not responsible for any fees or charges associated with unsolicited resumes

"When applying for a job, please make sure to only open emails that you will receive during your application process that come from a  email domain."