Security Engineer

NTT DATA Birmingham, England, United Kingdom Security Engineer 2 days ago Be among the first 25 applicants Direct message the job poster from NTT DATA Building diverse, high-performing teams that shape the future of NTT Data Security Tooling Engineer About Us NTT DATA is one of the world’s largest global security services providers, with over 7,500 security SMEs. We work with leading security technology vendors and pride ourselves on delivering innovative and effective solutions. Our people, clients, and communities are at the core of what we do. We’re seeking individuals passionate about building a more secure and sustainable world. The Security Tooling Engineer is responsible for the operation, maintenance, integration, and optimization of security platforms and tools that support the delivery of security services across NTT DATA and Service Recipients. This role ensures that security tooling operates reliably, integrates seamlessly with enterprise infrastructure, and complies with governance requirements outlined. Key Responsibilities Platform Operations & Maintenance Operate and maintain security platforms in accordance with agreed Service Level Agreements (SLAs) as defined in Service Levels and KPIs Ensure high availability, performance, and reliability of all security tooling Monitor platform health and proactively address performance issues Manage platform upgrades, patches, and version control Provide monthly health and performance reports for all managed security platforms Data Source Management & Integration Manage onboarding of data sources to security platforms (e.g., log sources to SIEM) Configure data parsing, normalization, and enrichment to ensure data quality Design and maintain dashboards and visualizations for security monitoring and reporting Ensure integration with other Security Services and Tooling across the ecosystem Integrate security tools with recipients clients or Global's Splunk SIEM, CMDB, and ticketing systems Implement SSO (Single Sign-On) and MFA (Multi-Factor Authentication) integration with recipient clients or Global's identity and access management systems Access Management & Governance Enforce Role-Based Access Control (RBAC) across all security platforms Conduct quarterly access reviews to ensure least-privilege access Manage user provisioning and deprovisioning for Global, Service Recipients, and authorized Supplier personnel Maintain auditable logs of all access changes Ensure all access changes are logged and auditable per clients requirements Configuration & Change Management Manage security tool configurations in accordance with the Change Control Procedure Document all configuration changes and maintain configuration baselines Ensure configuration changes are approved by Global and/or Service Recipients before implementation Maintain configuration management database (CMDB) entries for all security tooling Support configuration audits and compliance reviews Vulnerability & Patch Management Perform vulnerability scans of security tooling platforms in line with Vulnerability Management Service requirements Apply patches within timelines defined by recipient clients or Global policies and standards Report remediation status monthly Escalate unpatched critical vulnerabilities immediately to recipient clients or Global service Ensure security tooling platforms comply with recipient client or Global's patching policies Incident & Problem Management Report tooling-related incidents (outages, performance issues, security events) to Global and or Service Recipients immediately Support Third Party vendor cases where Supplier actions affect system availability, integrity, or confidentiality Provide written notice of vulnerability disclosures and critical defects in tooling without undue delay Provide impact assessments and work-around proposals for tooling issues Log all tooling-related incidents and vulnerabilities in the agreed ticketing system Provide monthly reports detailing incident trends, vulnerability status, and remediation progress Tooling Replacement & Migration Support tooling replacement activities when recipient clients or Global decides to replace existing tools Participate in hypercare activities for Replacement Tooling up to and including implementation date Ensure seamless migration of configurations, data, and integrations to new platforms Retrain on new tooling as required clients Cease use of Replaced Tooling by the specified replacement date Security Tooling Portfolio Management Manage and maintain the following categories of security tools: Security Operations Tools SIEM (Security Information and Event Management) - e.g., Splunk EDR (Endpoint Detection and Response) SOAR (Security Orchestration, Automation and Response) Vulnerability Scanners (e.g., Qualys, Tenable) Brand Protection and Domain Monitoring Tools Certificate Authority (CA) and PKI Management Platforms Security Architecture & Engineering Tools SAST (Static Application Security Testing) - e.g., Checkmarx, Fortify DAST (Dynamic Application Security Testing) - e.g., Burp Suite, OWASP ZAP SCA (Software Composition Analysis) - e.g., Snyk, Black Duck CSPM (Cloud Security Posture Management) - e.g., Prisma Cloud, Wiz Container Scanning Tools Penetration Testing Tools Information Security Tools Third Party Risk Management Platforms Case Management Systems for Third Party Security Assessments Service Support Tools Security Service Desk Ticketing Systems (e.g., Jira, ServiceNow) Reporting and Dashboard Platforms Experience Minimum 4 years of experience in security operations, security engineering, or IT systems administration Minimum 2 years of hands-on experience with SIEM platforms (preferably Splunk) Proven experience managing security tooling in enterprise environments Experience with integration of security tools with enterprise infrastructure (IAM, CMDB, ticketing) Demonstrated experience with access management and RBAC implementation Experience with vulnerability management and patch management processes Technical Skills Security Platforms SIEM: Splunk (required), QRadar, ArcSight, LogRhythm, Sentinel Vulnerability Management: Qualys, Tenable, Rapid7 Threat Intelligence: Recorded Future, ThreatConnect, MISP Integration & Automation REST APIs and API integration Scripting: Python, PowerShell, Bash Automation tools: Ansible, Terraform, Jenkins Data formats: JSON, XML, CSV, Syslog, CEF Infrastructure & Networking Linux and Windows server administration Networking fundamentals (TCP/IP, DNS, firewalls, proxies) Identity & Access Management SSO protocols: SAML, OAuth, OpenID Connect LDAP/Active Directory integration RBAC design and implementation Data & Reporting Log management and parsing Data normalization and enrichment Dashboard and visualization design (Splunk, Grafana, Kibana) Reporting and metrics Frameworks & Standards Clients Global Security Control Framework ISO 27001, NIST Cybersecurity Framework, CIS Benchmarks Change management and configuration management Seniority level Mid-Senior level Employment type Full-time Job function Consulting Industries IT Services and IT Consulting Referrals increase your chances of interviewing at NTT DATA by 2x Get notified about new Security Engineer jobs in Birmingham, England, United Kingdom. #J-18808-Ljbffr