This Global Information Security and Compliance role is responsible for helping Hitachi Vantara achieve and maintain authorisations and certifications that enable Hitachi Vantara services to be delivered into various vertical business markets across the world, meeting the contractual requirements of our customers.
Specifically, this individual is responsible for security compliance and risk advisory, readiness, audit, and continuous monitoring programs for the Hitachi Vantara Global Delivery business unit activities across the globe, focusing on secure multinational service operations delivered to our customers.
What you'll be doing
The Client Security and Audit Manager (CSAM) manages security-related business controls of the customer(s) assigned to them, working closely with Hitachi Vantara Global Delivery peers and partners to deliver an always secure, audit-ready service environment in support of the designated account(s).
You will report to the Global Delivery Information Security and Compliance Officer and shall be supporting the assigned account Client Director(s) and Service Delivery Manager(s), providing leadership for Information Security, Governance, Risk and Compliance in alignment to both regulatory and contractual requirements.
This is a highly visible customer facing role, with regular interaction with both Hitachi Vantara Global Delivery partners and the customer's senior management, maintaining an overview of all Information Security related activities, as the first point of contact for all security matters of the assigned accounts.
What you bring to the team
- Managing audit cycles for international certifications including implementing, planning, evidence collection, testing, and reporting of internal audit tasks.
- Assisting with the completion of high-quality work products including project plans, work papers, evidence checklists, annual assessments for ongoing compliance activities of customer delivery services and associated audit reports.
- Plan, author and manage the compliance work in association with the business units of Hitachi Vantara, to develop continuous improvement practice and readiness for the coming audit periods.
- Work collaboratively and establish strong connections with various members of the Hitachi Vantara Global Delivery organisation, consulting partners, external auditors, regulators, and business partners in various global regions, and serve as an advisor to the business.
- Be directly involved in shaping compliance programs in the Hitachi Vantara Global Delivery business unit, working with a team of subject matter experts from multiple disciplines and countries to help define and deliver on the compliance needs of the business, while helping Hitachi Vantara deliver new offerings and support existing ones for our customers.
- Develop, maintain, and deliver Hitachi Vantara compliance accreditation materials in support of accreditations and certifications for service clients.
  - ISO/IEC 27001 - Information Security
  - AICPA TSP 2017 SOC2 (including ISAE 3402 or SOC1)
- Actively participate as a member of the Incident Management Process, escalate, and assist in remediation of critical information security incidents and proactively coordinate BU Cyber risk resolution.
- Client Security Relationship Management
- Security Transition and Due Diligence
- Implement contractual compliance and Security Delivery coordination
- Security Awareness and Account Security Management
- Security Exception and Risk Management
- Security reporting of Key Controls compliance / Internal Audit
- Customer Security Audit Management
- Proactively evaluate and advise the business on new and evolving regional certification programs, requirements, and technologies, including other frameworks such as ISO/IEC 27017, Cyber Essentials, TISAX, NIST CSF, PCI-DSS, ABS OSPAR, MAS, HIPAA/HITRUST, etc.
- Must have 5+ years of IT security management knowledge, skills and experience performing IT compliance audit, cybersecurity audit, risk assurance or IT advisory.
- A relevant degree or professional security qualification such as CISSP, CCSP or CISM
- ISO/IEC 27001 Lead Auditor
- Prior experience in audit execution of more than one of the following compliance frameworks:
  - ISO/IEC 27001
  - SOC 1 and SOC 2 (Type 2) Reporting
- With a knowledge of:
  - NIST CSF
  - Cyber Essentials Plus
- Useful understanding of:
  - PCI DSS
  - FedRAMP and/or NIST 800 Series
  - ISO/IEC 27017/27018
  - ISO/IEC 22301
You may have prior experience in an IT security management role, as this role works with all levels of partners, up to and including CxOs, the Customer Account Team, suppliers and third parties, on a day-to-day basis.
Our Company
Hitachi Vantara is part of the Global Hitachi family. We balance innovation with an open, friendly culture and the backing of a long-established parent company, known for its ethical reputation. We guide customers from what's now to what's next by unlocking the value of their data and applications to solve their digital challenges, achieving outcomes that benefit both business and society.
Our people are our biggest asset; they drive our innovation advantage and we strive to offer a flexible and collaborative workplace where they can thrive. Diversity of thought is welcomed and our employee base is represented by several active Employee Resource Group communities. We offer industry-leading benefits packages (flexible working, generous pension and private healthcare) and promote a creative and inclusive culture. If driving real change gives you a sense of pride and you are passionate about powering social good, we'd love to hear from you.
Our Values
We strive to create an inclusive environment for all and are open to considering home working, compressed/flexible hours and flexible arrangements. Get in touch with us to explore how we might be able to accommodate your specific needs.
We are proud to say we are an equal opportunity employer and welcome all applicants for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.
With Japanese roots going back over 100 years, our culture is founded on the values of our parent company expressed as the Hitachi Spirit:
Wa - Harmony, Trust, Respect
Makoto - Sincerity, Fairness, Honesty, Integrity
Kaitakusha-Seishin - Pioneering Spirit, Challenge