Security Platform Engineer

**Make an impact with NTT DATA**
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it’s a place where you can grow, belong and thrive.

**Your day at NTT DATA**

This role performs operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning).

**What you'll be doing**

**Key Responsibilities**:

- Works as part of a 24/7 global team in IT/OT environment. ICS and SCADA knowledge preferred.
- Administers the organization's security tools to gather security logs from the environment and performs lifecycle management, including break-fix, patching, and live updates.
- Performs security incident handling and response from various vectors, including endpoint protection, enterprise detection and response tools, attack analysis, malware analysis, network forensics, and computer forensics.
- Analyzes scan results, prioritizes vulnerabilities based on severity, impact, and exploitability, and provides detailed remediation recommendations to system owners, administrators, and IT teams.
- Monitors security alerts and maintains awareness of new threats and vulnerabilities to identify potential risks.
- Reads reports, makes risk assessments, works to detect the source of attacks, and tests current defenses against threats.
- Collaborates to develop practical mitigation strategies, configuration changes, and patch management processes to address identified vulnerabilities.
- Identifies opportunities to make automations that will help the incident response team.
- Ensures usage of knowledge articles in incident diagnosis and resolution and assists with updating as required.
- Investigates causes of incidents, seeks resolution, and escalates unresolved incidents, following up until resolved.
- Provides service recovery following the resolution of incidents and documents and closes resolved incidents according to agreed procedures.
- Logs all incidents in a timely manner with the required level of detail and cooperates with all stakeholders, including client IT environments, vendors, and carriers, to expedite diagnosis of errors and problems and identify a resolution.
- Leads projects, self-starter, and performs any other related task as required.

**Knowledge and Attributes**:

- Seasoned working knowledge on implementation and monitoring of any SIEM or security tools/technologies. ICS and SCADA knowledge preferred
- Seasoned knowledge on security architecture, worked across different security technologies.
- Customer service orientated and pro-active thinking.
- Problem solver who is highly driven and self-organized.
- Great attention to detail.
- Good analytical and logical thinking.
- Excellent spoken and written communication skills.
- Team leader with the ability to work well with others and in group with colleagues and stakeholders.

**Academic Qualifications and Certifications**:

- Bachelor's degree or equivalent in Information Technology or related field.
- Relevant level of Security certifications such as CySA+, PenTest+, CCSP, GCIH, OSCP, etc. preferred.
- Relevant level of IT certifications such as GRID, GICSP, AZ-500, SC-200, CCNA/CCNP, CISSP, CISM etc. will be added advantage.

**Required Experience**:

- Seasoned experience in Security technologies like (SIEM, PAM, IAM, PenTest, Threat Hunting, Firewall, Proxy etc.) preferably within a global IT services organization.
- ICS and SCADA knowledge preferred.
- Seasoned experience in technical support to clients.
- Seasoned experience in diagnosis and troubleshooting.
- Seasoned experience providing remote support in Security Technologies.
- Seasoned experience in SOC/CSIRT Operations.
- Seasoned experience in handling security incidents end to end.
- Seasoned experience in Security Engineering.
- Knowledge on networking, Linux and security concepts.
- Seasoned experience in configuring/managing security controls such as RBAC, IAM, Zero Trust, UTM, Proxy, SOAR, etc..
- Knowledge on log collection mechanism such as Syslog, Log file, DB API.
- Knowledge in security architecture.

**Work Conditions & Other Requirements**:

- Must be comfortable working in a highly critical, fast paced environment with shifting priorities.
- Some domestic and/or international travel required, up to 25% of time.
- Perform work from a remote location with stable internet connection.

**#GlobalDataCentersCareers**

**Workplace type**:
Hybrid Working

**About NTT DATA**

**Equal Opportunity Employer