Security Engineer

Who we are

NTT DATA is one of the world's largest global security service providers, partnering with some of the most recognized security technology brands. We're looking for passionate, curious, and motivated individuals to join our team.

What you’ll be doing

• Operate and maintain security platforms in accordance with agreed Service Level Agreements (SLAs) as defined in Service Levels and KPIs
• Ensure high availability, performance, and reliability of all security tooling
• Monitor platform health and proactively address performance issues
• Manage platform upgrades, patches, and version control
• Provide monthly health and performance reports for all managed security platforms
• Manage onboarding of data sources to security platforms (e.g., log sources to SIEM)
• Configure data parsing, normalization, and enrichment to ensure data quality
• Design and maintain dashboards and visualizations for security monitoring and reporting
• Ensure integration with other Security Services and Tooling across the ecosystem
• Integrate security tools with recipients clients or Global's Splunk SIEM, CMDB, and ticketing systems
• Implement SSO (Single Sign-On) and MFA (Multi-Factor Authentication) integration with recipient clients or  Global's identity and access management systems
• Enforce Role-Based Access Control (RBAC) across all security platforms
• Conduct quarterly access reviews to ensure least-privilege access
• Manage user provisioning and deprovisioning for Global, Service Recipients, and authorized Supplier personnel
• Maintain auditable logs of all access changes
• Ensure all access changes are logged and auditable per clients requirements
• Manage security tool configurations in accordance with the Change Control Procedure
• Document all configuration changes and maintain configuration baselines
• Ensure configuration changes are approved by Global and/or Service Recipients before implementation
• Maintain configuration management database (CMDB) entries for all security tooling
• Support configuration audits and compliance reviewsPerform vulnerability scans of security tooling platforms in line with Vulnerability Management Service requirements
• Apply patches within timelines defined by recipient clients or Global policies and standards
• Report remediation status monthly
• Escalate unpatched critical vulnerabilities immediately to recipient clients or Global service
• Ensure security tooling platforms comply with recipient client or Global's patching policies
• Report tooling-related incidents (outages, performance issues, security events) to Global and or Service Recipients immediately
• Support Third Party vendor cases where Supplier actions affect system availability, integrity, or confidentiality
• Provide written notice of vulnerability disclosures and critical defects in tooling without undue delay
• Provide impact assessments and work-around proposals for tooling issues
• Log all tooling-related incidents and vulnerabilities in the agreed ticketing system
• Provide monthly reports detailing incident trends, vulnerability status, and remediation progress
• Support tooling replacement activities when recipient clients or Global decides to replace existing tools
• Participate in hypercare activities for Replacement Tooling up to and including implementation date
• Ensure seamless migration of configurations, data, and integrations to new platforms
• Cease use of Replaced Tooling by the specified replacement date

What you'll bring along

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field
• Minimum 5–10 years of experience in cybersecurity or IT security roles.
• Security Operations Tools: SIEM, EDR, SOAR, CTI Platform, VMS, Brand Protection, CA and PKI Management platform
• Security Architecture & Engineering Tools: SAST (Static Application Security Testing) - e.g., Checkmarx, Fortify, DAST (Dynamic Application Security Testing) - e.g., Burp Suite, OWASP ZAP, SCA (Software Composition Analysis) -e.g., Snyk, Black Duck, CSPM (Cloud Security Posture Management) - e.g., Prisma Cloud, Wiz, Container Scanning Tools
• Third Party Risk Management Platforms
• Case Management Systems for Third Party Security Assessments
• SIEM: Splunk (required), QRadar, ArcSight, LogRhythm, Sentinel
• EDR: CrowdStrike, Carbon Black, SentinelOne, Microsoft Defender
• SOAR: Splunk Phantom, Palo Alto Cortex XSOAR, IBM Resilient
• Vulnerability Management: Qualys, Tenable, Rapid7
• Threat Intelligence: Recorded Future, ThreatConnect, MISP
• Strong problem-solving and troubleshooting abilities
• Excellent attention to detail
• Effective communication skills (written and verbal)
• Ability to work collaboratively across teams
• Customer service orientation
• Ability to manage multiple priorities and deadlines
• Proactive and self-motivated
• Vendor-specific certifications for managed tools (e.g., Qualys, Tenable, Palo Alto Networks)
• ITIL Foundation or higher
• Cloud certifications (AWS, Azure, GCP)
• Automation certifications (Ansible, Terraform)
• Excellent command of both spoken and written English.