This Global Information Security and Compliance role is responsible for helping Hitachi Vantara achieve and maintain authorisations and certifications that enable Hitachi Vantara services to be delivered into various vertical business markets across the world, meeting the contractual requirements of our customers.
Specifically, this individual is responsible for security compliance and risk advisory, readiness, audit, and continuous monitoring programs for the Hitachi Vantara Global Delivery business unit activities across the globe, focusing on secure multinational service operations delivered to our customers.
**What you'll be doing**
The Client Security and Audit Manager (CSAM) manages security-related business controls of customer(s) assigned to them working closely with Hitachi Vantara Global Delivery peers and partners to deliver an always secure, audit ready service environment in support of the designated account(s).
You will report to the Global Delivery Information Security and Compliance Officer and shall be supporting the assigned account Client Director(s) and Service Delivery Manager(s), providing leadership for Information Security, Governance, Risk and Compliance in alignment to both regulatory and contractual requirements.
This is a highly visible customer facing role, with regular interaction with both Hitachi Vantara Global Delivery partners and the customer's senior management, maintaining an overview of all Information Security related activities, as the first point of contact for all security matters of the assigned accounts.
- Managing audit cycles for international certifications including implementing, planning, evidence collection, testing, and reporting of internal audit tasks.
- Assisting with the completion of high-quality work products including project plans, work papers, evidence checklists, annual assessments for ongoing compliance activities of customer delivery services and associated audit reports.
- Plan, author and manage the compliance work in association with the business units of Hitachi Vantara, to develop continuous improvement practice and readiness for the coming audit periods.
- Work collaboratively and establish strong connections with various members of the Hitachi Vantara Global Delivery organisation, consulting partners, external auditors, regulators, and business partners in various integral regions, and serve as an advisor to the business.
- Develop, maintain, and deliver Hitachi Vantara compliance accreditation materials in support of accreditations and certifications for service clients.
- ISO/IEC 27001 - Information Security
- AICPA TSP 2017 SOC2 (including ISAE 3402 or SOC1)
- Actively participate as a member of the Incident Management Process, escalate, and assist in remediation of critical information security incidents and proactively coordinate BU Cyber risk resolution.
- Client Security Relationship Management
- Security Transition and Due Diligence
- Implement contractual compliance and Security Delivery coordination
- Security Awareness and Account Security Management
- Security Exception and Risk Management
- Security reporting of Key Controls compliance / Internal Audit
- Customer Security Audit Management
- Proactively evaluate and advise the business on new and evolving regional certification programs, requirements, and technologies, such as other frameworks including ISO/IEC 27017, Cyber Essentials, TISAX, NIST CSF, PCI-DSS, ABS OSPAR, MAS, HIPAA/HITRUST etc
**What you bring to the team**
- Must have 5+ years of IT security management knowledge, skills and experience performing IT compliance audit, cybersecurity audit, risk assurance or IT advisory.
- A relevant degree or professional security qualification such as CISSP, CCSP or CISM
- ISO/IEC 27001 Lead Auditor
- Prior experience in audit execution of more than one of the following compliance frameworks:
- ISO/IEC 27001,
- SOC 1 and SOC 2 (Type 2) Reporting
- With a knowledge of:
- NIST CSF,
- Cyber Essentials Plus
Useful understanding of:
- PCI DSS,
- FedRAMP and/or NIST 800 Series
- ISO/IEC 27017/27018,
- TISAX
- ISO/IEC 22301
You may have prior experience in IT security-managing role, as this role works with all levels of partners, up to and including CxO's, the Customer Account Team, suppliers and third parties, on a day-to-day basis.
**Our Company**
Our people are our biggest asset, they drive our innovation advantage and we strive to offer a flexible and collaborative workplace where they can thrive. Diversity of thought is welcomed and our employee base is represented by several active Employee Resource Group communities. We offer industry leading benefits packages (flexible working, generous pension and private healthcare) and promote a creative and inclusive culture. If driving real change gives you a sense of pride and you are passionate about powering social good, we'd love to hear from you.
**Our Values**
We strive to create an inclusive environment for all and ar