Software Development Advisor at NTT DATA
Bengaluru, Karnataka, India
Full Time


Start Date

Immediate

Expiry Date

11 Feb, 26

Salary

0.0

Posted On

13 Nov, 25

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Cybersecurity Compliance, NIST Frameworks, Vulnerability Management, Penetration Testing, Risk Management, Documentation, Metrics Design, Cloud Compliance, Data Visualization, Analytical Skills, Collaboration, Continuous Learning, Technical Validation, Client-Facing Communication, Security Frameworks, Compliance Dashboards

Industry

IT Services and IT Consulting

Description
Maintain and continuously monitor compliance with NIST SP 800-53, NIST 800-171, and related privacy and security control frameworks. Conduct control assessments and evidence collection to support ongoing compliance and readiness for audits. Develop and maintain documentation, policies, and procedures supporting security and privacy compliance initiatives. Coordinate remediation activities and track closure of nonconformities or control gaps. Design and implement compliance metrics and dashboards to measure control effectiveness, risk trends, and audit readiness across business units. Perform hands-on vulnerability scanning, manual verification, and exploitation in controlled environments. Evaluate new and emerging security and privacy frameworks (e.g., ISO 27001, SOC 2, CMMC, CIS, NIST Privacy Framework). Perform detailed gap assessments against applicable frameworks and client security requirements. Provide strategic recommendations for strengthening controls and enhancing compliance posture. Collaborate with architecture and DevSecOps teams to embed new standards into design and delivery processes. Develop maturity models and benchmark metrics to measure progress toward compliance with evolving standards. Participate in client due diligence, RFP, and security questionnaire responses. Support internal and external audits by preparing evidence, addressing findings, and demonstrating compliance maturity. Provide clear, professional, and technical documentation to support audit and compliance activities. Design and maintain cybersecurity and compliance dashboards that integrate data from vulnerability management, compliance tracking, SIEM, and ticketing systems. Automate data collection and reporting processes to ensure timely visibility into security posture. Work with leadership to translate metrics into actionable insights for continuous improvement.
Required: Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or related field (or equivalent experience). 5+ years of experience in cybersecurity compliance, penetration testing, or risk management. Strong understanding of NIST frameworks (SP 800-53, 800-171, 800-37, and Privacy Framework). Experience with vulnerability management and penetration testing tools (e.g., Nessus, Burp Suite, Metasploit, Nmap, Qualys). Demonstrated ability to interpret and apply security controls in both cloud and on-prem environments. Proven ability to design and maintain performance metrics, dashboards, and reporting frameworks. Excellent communication skills for technical and client-facing documentation. Industry certifications such as CISSP, CISA, CEH, OSCP, or similar. Experience with Azure, AWS, or hybrid cloud compliance controls. Familiarity with GRC platforms (e.g., Archer, ServiceNow, 6clicks) and data visualization tools (e.g., Power BI, Tableau, Grafana). Experience supporting FedRAMP, SOC 2, ISO 27001, or CMMC compliance programs. Deep understanding of security and privacy frameworks. Metrics-driven approach to compliance and risk management. Hands-on testing and technical validation skills. Strong analytical and visualization capabilities. Collaborative and client-focused mindset. Continuous learning and curiosity for evolving standards and technologies.
Responsibilities
The Software Development Advisor will maintain compliance with various security frameworks and conduct assessments to support audits. They will also collaborate with teams to embed new standards and develop metrics to measure compliance progress.