Want to be a part of our team?

An experienced professional who is responsible for overseeing and upholding compliance with information security and risk management by global standards and industrial/ISO standards. He/She is dedicated to ensuring continuous quality assurance and improvement in these areas. Additionally, He/She is responsible for managing and maintaining business continuity management to ensure the smooth operation of business and service delivery.

Working at NTT

DUTIES AND RESPONSIBILITIES

General

1. Provide continuous support and assistance to enhance the effectiveness and efficiency of operation processes

2. Manage and maintain a document library of policy, process and procedure to ensure management and distribution in a proper way

3. Manage and maintain a quality management framework for process and system development

4. Assist senior staff at HQ to implement and deliver ad hoc projects and ensure operational compliance and quality (e.g. ESG, Risk Management, InfoSec matter)

5. Support business needs by assisting in developing and implementing ISO standards and relevant policies.

6. Coordinate with the HQ QM team to deploy policy and standard deployment and develop/update the template/process/procedure accordingly

7. Provide training and awareness briefings for users to promote awareness and understanding of relevant company policies.

Information Security Management

1. Manage and maintain Information Security Management System as per global standards and aligned with industrial/ISO standards

2. Conduct regular internal audits according to the global/industrial/ISO standard to identify potential non-conformance and ensure the corrective and preventive measures are in place and ready for external assessment

3. Support business unit for external certification assessment on ISO27001, SOCs or information security-related

4. Coordinate with HQ QM team to deploy and update the process and procedure for information security matter

5. Manage information security incidents with support from the incident owner and report the incident to ISM, follow up with the incident owner for remedial action and mitigation plan

Business and Operation Risk Management

1. Manage and maintain a Risk Management System as per global standards and aligned with industrial/ISO standard

2. Support business units to identify and register the business and operation risk with proper control and mitigation plan

3. Manage risk registry log and keep tracking the status of control and mitigation plan, update senior staff at HQ QM team for all critical risks

4. Coordinate with HQ QM team to deploy and update the process and procedure for risk management matter.

Business Continuity Management

1. Manage and maintain a business continuity plan as per global standards and aligned with industrial/ISO standard

2. Manage and assist BCP activation and restoration.

3. Coordinate with the team(s) to ensure an up-to-date business continuous plan including resource plan, business impact analysis with mitigation plan, etc.

4. Arrange annual drills and consolidate the drill observations and reports.

Customer Audit/Compliance-check Management

1. Coordinate with HQ QM and relevant internal parties to prepare the supporting document, interview meeting for compliance-check/audit

2. Support to sales/pre-sales, product owners and operations for customer enquiry on information security, risk management and business continuity matters.

KPI / SLA Management

1. Perform as per department/team and individual KPI

2. Ensure SLA achievement

Other

1. Ad hoc assignment relevant to company business

Note: The responsibilities listed above are only a description of the key responsibilities for this position. This does not exempt the job holder from fulfilling other responsibilities assigned by the managers.

EDUCATION, SKILLS/TECHNICAL COMPETENCIES AND EXPERIENCE

Education

(including professional certification)

Minimum bachelor's degree

Auditor of ISO 27001

Computer Science/ IT/ Engineering or related discipline preferred.

Skills / technical competencies

(including specialized knowledge, abilities, and other characteristics such as personal characteristics)

• Specialized Knowledge: -

Professional in ISO27001, SOCs and other information security standards; Professional in risk management and business continuity management; Knowledge of industrial operation standards/best practices for DC facilities, Network & IT infrastructure.

• Skills: -

Team Player; Highly self-motivated; Ownership taker; Passionate; Communication skill; Able to work under pressure; Able to work independently without supervision; Able to manage multiple priorities; Open minded; ‘Can-do’ mindset; Positive thinking; Vendor management skill; Use of DC & IT management systems.

• Language and writing ability:-

English: Speaking, Reading, Writing

Chinese: Speaking (Not a must)

Experience

Minimum 6 years of experience in compliance and risk management

Experience in Networking/IT/Engineering/Critical Facility industries preferred.

Skills Summary

Continual Improvement Process, Contract Management, Performance Monitoring, Process Optimization, Regulatory Compliance Management, Risk Management

Workplace type :

On-site Working

Equal Opportunity Employer

NTT is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, color, sex, religion, national origin, disability, pregnancy, marital status, sexual orientation, gender reassignment, veteran status, or other protected category