Security Development and Test Director
We are currently recruiting for a dynamic Security Development and Test Director to join our growing Security team.
About Us
NTT DATA is one of the world’s largest Global Security services providers with over 7500 Security SMEs and Integration partner to many of the worlds most recognised Security Technology providers. We strive to hire exceptional, innovative, and passionate individuals who want to grow with us. In a constantly changing world, we work together with our people, clients and communities to enable them to fulfil their potential to do great things. We believe that by bringing everyone together, we can solve problems using innovative technology that can create a world that is sustainable and secure.
This is a great opportunity for you to play a pivotal role in helping to shape our client’s transformation journeys.
What you'll be doing:What you’ll be doing;
Using your background in managing complex development and testing programs, you will:
\tPre-Sales Support and Business Development\t\t\tPartner with sales and business development teams to define and articulate the value proposition of the security development and testing offerings.\t\tRepresent the function in client engagements, pre-sales discussions, and technical assessments.\t\tDesign and present tailored solutions based on customer-specific challenges and threat landscapes.\t\tCollaborate on statements of work (SOWs) and influence product roadmaps.\t\t\tService Delivery Assurance\t\t\tOversee performance and quality of services delivered, ensuring SLA and KPI compliance.\t\tImplement governance mechanisms and standardised methodologies.\t\tAct as the primary escalation point for complex engagements.\t\tConduct regular client reviews to identify enhancement opportunities.\t\t\tBudget and Financial Management\t\t\tDevelop and manage financial plans, including budgeting and profitability analysis.\t\tMonitor expenses and identify cost reduction opportunities.\t\tEnsure profitability through forecasting and margin analysis.\t\tRefine pricing models and maximise billable utilisation.\t\t\tSecure Architecture and DevSecOps Integration\t\t\tDefine and govern secure architecture standards across development teams, ensuring alignment with enterprise security policies, regulatory requirements, and industry frameworks (e.g., NIST, OWASP, ISO 27001).\t\tLead the strategic integration of security into DevOps pipelines, embedding security controls and automated testing into CI/CD workflows to enable secure-by-design delivery.\t\tOversee the implementation and optimisation of security tooling, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and container security scanners.\t\tEstablish architectural review boards and security design checkpoints to validate that new systems and applications meet defined security requirements before deployment.\t\tDrive continuous improvement in DevSecOps maturity, using metrics and feedback loops to refine processes, reduce risk exposure, and accelerate secure delivery.\t\tCollaborate with enterprise architects, engineering leads, and product owners to ensure security is embedded from ideation through to deployment and maintenance.\t\tChampion threat modelling and secure design practices, ensuring development teams proactively identify and mitigate risks during the design phase.\t\tMentor and upskill engineering teams on secure coding, architectural risk assessment, and DevSecOps principles to build a culture of shared security ownership.\t\t
Key Performance Indicators (KPIs)
\tSecure Architecture Compliance Rate: Percentage of projects that meet defined secure architecture standards and pass architecture review gates.\tDevSecOps Integration Maturity: Measured progress in embedding security controls into CI/CD pipelines, including automated testing, code scanning, and policy enforcement.\tSecurity Testing Coverage: Proportion of applications and systems that undergo static, dynamic, and interactive security testing before release.\tVulnerability Remediation Velocity: Average time taken to remediate critical and high-severity vulnerabilities identified during development and testing phases.\tToolchain Utilisation Effectiveness: Adoption and effective use of security tools (e.g., SAST, DAST, SCA) across development teams, measured by scan frequency and issue resolution rates.\tTraining and Awareness Uptake: Percentage of development and QA staff completing secure coding and DevSecOps training programs.\tAudit and Compliance Pass Rate: Success rate in internal and external audits related to secure development practices and testing controls.\tInnovation and Automation Impact: Number of manual security testing processes replaced or enhanced through automation, contributing to faster and more reliable delivery What experience you'll bring:What you’ll bring;
It starts with amazing people, challenging projects and a work environment that supports the creation of tangible solutions that make an impact. You will need to have a broad experience of security service delivery management and have evidence of experience in a number of the following fields of expertise:
\t10+ years in secure software development and testing, 5+ in leadership.\tProven success in managing large-scale secure development projects.\tExcellent communication and client relationship skills.\tExperience managing crisis situations and leading diverse teams.\tStrong English writing and verbal communication skills.\tAttention to detail and ability to build high-performing teams.\tRelevant certifications (e.g., CISSP, CISM, CSSLP, CEH).\tValid right to work in the UK and eligibility for UK SC clearance
Who we are:
We’re a business with a global reach that empowers local teams, and we undertake hugely exciting work that is genuinely changing the world. Our advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects.
Our inclusive work environment prioritises mutual respect, accountability, and continuous learning for all our people. This approach fosters collaboration, well-being, growth, and agility, leading to a more diverse, innovative, and competitive organisation. We are also proud to share that we have a range of Inclusion Networks such as: the Women’s Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network.
For more information on Diversity, Equity and Inclusion please click here: Creating Inclusion Together at NTT DATA UK | NTT DATA
what we'll offer you:We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensure that there are continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options.
You can find more information about NTT DATA UK & Ireland here: https://uk.nttdata.com/
We are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a proud Disability Confident Committed Employer - we are committed to creating a diverse and inclusive workforce. We actively collaborate with individuals who have disabilities and long-term health conditions which have an effect on their ability to do normal daily activities, ensuring that barriers are eliminated when it comes to employment opportunities. In line with our commitment, we guarantee an interview to applicants who declare to us, during the application process, that they have a disability and meet the minimum requirements for the role. If you require any reasonable adjustments during the recruitment process, please let us know. Join us in building a truly diverse and empowered team.