NTT Data Security Architecture Assessment Analyst in Halifax, Nova Scotia

At NTT DATA, we know that with the right people on board, anything is possible. The quality, integrity, and commitment of our employees have been key factors in our company’s growth and market presence. By hiring the best people and helping them grow both professionally and personally, we ensure a bright future for NTT DATA and for the people who work here.

A group company within NTT DATA currently seeks a Security Architecture Assessment Analyst to join our team in Halifax, NS.

As part of a group of security architecture assessment analysts, you will handle security architecture assessments on IT systems and applications for Vendors. NTT Data is looking for a Security Architect Assessment Analyst to review technology and architecture involving vendors. This role requires experience in application and/or infrastructure security and technology risk management in a highly regulated environment. The consultant will use defined assessment guidelines when performing risk analysis activities.

The assessment team is responsible for ensuring that systems deployed in the production environment meet all Security Architecture guidelines and standards, and that appropriate remediation plans are put into effect for any systems not meeting these standards.

Our client onboards large vendor services and requires detailed assessments of technology setup, technical architecture, and possible insider/external security threat for information loss. The Security Assessment Analyst will handle delivering the assessment in a timely manner while our client is finalizing the contract.

The ideal candidate will have experience working in a multiple vendor service environments such as cloud services, data center, remote apps support, managed services delivery, ODC set up, offshore location setup, etc. They should also have experience managing/assessing vendor environment set ups and evaluating any risks to the client’s environment.

This role requires strong communication skills as you will be working with technology stakeholders, senior executives and external vendors. Strong architecture experience is required to perform assessments for complete systems/solutions involving end-to-end technologies and processes. You must possess technical security knowledge to protect technology solutions and set up from internal and external threats.

Required Skills:

  • Excellent verbal and written communications skills, including presentations to clients and senior technical resources.

  • Ability to manage expectations and handle high-pressure situations with tight deadlines.

  • Experience in an information security (application and/or infrastructure) role in an enterprise environment.

  • Ability to explain common application vulnerabilities and remediation strategies to developers.

  • Ability to explain technology risks introduced by application vulnerabilities to a system’s Business Owner.

  • Ability to quickly adapt to changing priorities and demands

  • Comprehensive web application security expertise.

  • Excellent security knowledge (access control) of one or more applicable security technologies or platforms.

  • Excellent knowledge of information security processes, response procedures, and various attack methods used for information theft or network intrusion.

  • Excellent analytical and problem-solving skills.

  • Excellent knowledge of network technologies as they pertain to communications, computer system environments and related infrastructures.

  • Experience in application and integration of globally accepted security standards.

Duties and Responsibilities (day to day)

  • Contacting system owners for assigned systems to gather relevant background material about the system/application and setting up interviews for information gathering.

  • Conducting remote/in-person interviews with system owners to get all required information for assessment and to identify any gaps.

  • Reviewing system related material including specifications, diagrams, requirements and test plans to ensure security related standards are followed.

  • Reviewing results with system owners and Senior Security Architecture Analysts, as needed.

  • Conducting security assessments using available documentation.

  • Creating comprehensive security architecture assessment reports that clearly identify root-cause and remediation strategies.

  • Developing and establishing global security standards and processes

  • Evaluating new and emerging products and technologies while making recommendations concerning the introduction of new technologies


  • Knowledge of the Security Assessment and Authorization (SA&A) process is required.

  • Knowledge of primary control frameworks such as: ISO, CObIT, SOX, PCI, etc. is required.

  • Experience with security architecture analysis as well as secure software system designs and architecture including common development platforms and hardware/languages.

  • Experience designing and implementing enterprise applications.

  • Comprehensive web application security expertise.

  • Strong understanding of general Information security principles and solutions including design principles, data flow, connectivity and configuration.

  • Knowledge of network protocols (e.g. TCP/IP, DHCP, DNS) and design processes including an understanding of security objectives, operational objectives, and tradeoffs.

  • Knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI]) as well as encryption.

  • Working knowledge of Office applications (Windows, Office Professional, Visio, etc.) and specialized project/program management software (MS Project, etc.)

  • Experience in security testing is a plus.

  • Experience with practical programming languages such as Java, JavaScript or .net.

  • Knowledge of the iOS or/and Android platform and their security model is a plus.

  • Experience in security testing is a plus.

  • Knowledge of cloud security architecture is a plus.

  • Financial Services industry knowledge is a plus.

  • ITIL Knowledge/Certification is a plus.

  • Preferred: CISSP, GIAC, SSCP or, CEH, CSSLP is a plus.

Minimum Education and Certifications

  • Undergraduate degree or equivalent combination of education and work experience.

  • Preferred: CISSP, GIAC, SSCP or, CEH, CSSLP.

Typical Years of Experience • Typically requires 2 years relevant experience. Physical Requirements/ Working Conditions • Ability to physically perform general office requirements. • Must be able to perform essential responsibilities with or without reasonable accommodations. • Client travel including overnight domestic or international trips may be required.

Required Qualifications:

Security Administration: 2 years

Experience with network and computer virtualization: 2 years

Experience with authorization and authentication technologies such as SAML, OAuth and OpenID: 2 years

This is a full-time salaried position with a group company within NTT DATA. Please note, contractors will NOT be considered. This position is only available to those interested in direct staff employment opportunities. We offer a full comprehensive benefits package that starts from your first day of employment.


NTT DATA is your Innovation Partner anywhere around the world. With business operations in more than 35 countries, we put emphasis on long-term commitment and combine global reach and local intimacy to provide premier professional services from consulting, system development, business process and IT outsourcing to cloud-based solutions.

Visit to learn how our consultants, projects, managed services, and outsourcing engagements deliver value for a range of businesses and government agencies.

Resource Request ID: 2016-181754