Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Manage and optimise security platforms to ensure top-notch protection and performance.
- Company: Join NTT DATA, a global leader in security services with a focus on innovation.
- Benefits: Enjoy competitive pay, health perks, and opportunities for remote work and growth.
- Why this job: Be part of a mission to create a safer world through cutting-edge security technology.
- Qualifications: 4+ years in security operations and hands-on experience with SIEM tools like Splunk.
- Other info: Dynamic role with excellent career advancement in a supportive environment.
The predicted salary is between 36000 - 60000 £ per year.
About Us
NTT DATA is one of the world’s largest global security services providers, with over 7,500 security SMEs. We work with leading security technology vendors and pride ourselves on delivering innovative and effective solutions. Our people, clients, and communities are at the core of what we do. We’re seeking individuals passionate about building a more secure and sustainable world.
The Security Tooling Engineer is responsible for the operation, maintenance, integration, and optimization of security platforms and tools that support the delivery of security services across NTT DATA and Service Recipients. This role ensures that security tooling operates reliably, integrates seamlessly with enterprise infrastructure, and complies with governance requirements outlined.
Key Responsibilities
- Platform Operations & Maintenance
- Operate and maintain security platforms in accordance with agreed Service Level Agreements (SLAs) as defined in Service Levels and KPIs.
- Ensure high availability, performance, and reliability of all security tooling.
- Monitor platform health and proactively address performance issues.
- Manage platform upgrades, patches, and version control.
- Provide monthly health and performance reports for all managed security platforms.
- Data Source Management & Integration
- Manage onboarding of data sources to security platforms (e.g., log sources to SIEM).
- Configure data parsing, normalization, and enrichment to ensure data quality.
- Design and maintain dashboards and visualizations for security monitoring and reporting.
- Ensure integration with other Security Services and Tooling across the ecosystem.
- Integrate security tools with recipients clients or Global's Splunk SIEM, CMDB, and ticketing systems.
- Implement SSO (Single Sign-On) and MFA (Multi-Factor Authentication) integration with recipient clients or Global's identity and access management systems.
- Access Management & Governance
- Enforce Role-Based Access Control (RBAC) across all security platforms.
- Conduct quarterly access reviews to ensure least-privilege access.
- Manage user provisioning and deprovisioning for Global, Service Recipients, and authorized Supplier personnel.
- Maintain auditable logs of all access changes.
- Ensure all access changes are logged and auditable per clients requirements.
- Configuration & Change Management
- Manage security tool configurations in accordance with the Change Control Procedure.
- Document all configuration changes and maintain configuration baselines.
- Ensure configuration changes are approved by Global and/or Service Recipients before implementation.
- Maintain configuration management database (CMDB) entries for all security tooling.
- Support configuration audits and compliance reviews.
- Vulnerability & Patch Management
- Perform vulnerability scans of security tooling platforms in line with Vulnerability Management Service requirements.
- Apply patches within timelines defined by recipient clients or Global policies and standards.
- Report remediation status monthly.
- Escalate unpatched critical vulnerabilities immediately to recipient clients or Global service.
- Ensure security tooling platforms comply with recipient client or Global's patching policies.
- Incident & Problem Management
- Report tooling-related incidents (outages, performance issues, security events) to Global and or Service Recipients immediately.
- Support Third Party vendor cases where Supplier actions affect system availability, integrity, or confidentiality.
- Provide written notice of vulnerability disclosures and critical defects in tooling without undue delay.
- Provide impact assessments and work-around proposals for tooling issues.
- Log all tooling-related incidents and vulnerabilities in the agreed ticketing system.
- Provide monthly reports detailing incident trends, vulnerability status, and remediation progress.
- Tooling Replacement & Migration
- Support tooling replacement activities when recipient clients or Global decides to replace existing tools.
- Participate in hypercare activities for Replacement Tooling up to and including implementation date.
- Ensure seamless migration of configurations, data, and integrations to new platforms.
- Retrain on new tooling as required clients.
- Cease use of Replaced Tooling by the specified replacement date.
- Security Tooling Portfolio Management
- Manage and maintain the following categories of security tools:
- Security Operations Tools: SIEM (Security Information and Event Management) - e.g., Splunk, EDR (Endpoint Detection and Response), SOAR (Security Orchestration, Automation and Response), Threat Intelligence Platforms, Vulnerability Scanners (e.g., Qualys, Tenable), Brand Protection and Domain Monitoring Tools, Certificate Authority (CA) and PKI Management Platforms.
- Security Architecture & Engineering Tools: SAST (Static Application Security Testing) - e.g., Checkmarx, Fortify, DAST (Dynamic Application Security Testing) - e.g., Burp Suite, OWASP ZAP, SCA (Software Composition Analysis) - e.g., Snyk, Black Duck, CSPM (Cloud Security Posture Management) - e.g., Prisma Cloud, Wiz, Container Scanning Tools, Penetration Testing Tools, Information Security Tools, Third Party Risk Management Platforms, Case Management Systems for Third Party Security Assessments, Service Support Tools, Security Service Desk Ticketing Systems (e.g., Jira, ServiceNow), Reporting and Dashboard Platforms.
- Minimum 4 years of experience in security operations, security engineering, or IT systems administration.
- Minimum 2 years of hands-on experience with SIEM platforms (preferably Splunk).
- Proven experience managing security tooling in enterprise environments.
- Experience with integration of security tools with enterprise infrastructure (IAM, CMDB, ticketing).
- Demonstrated experience with access management and RBAC implementation.
- Experience with vulnerability management and patch management processes.
- Security Platforms: SIEM: Splunk (required), QRadar, ArcSight, LogRhythm, Sentinel; EDR: CrowdStrike, Carbon Black, SentinelOne, Microsoft Defender; SOAR: Splunk Phantom, Palo Alto Cortex XSOAR, IBM Resilient; Vulnerability Management: Qualys, Tenable, Rapid7; Threat Intelligence: Recorded Future, ThreatConnect, MISP.
- Integration & Automation: REST APIs and API integration; Scripting: Python, PowerShell, Bash; Automation tools: Ansible, Terraform, Jenkins; Data formats: JSON, XML, CSV, Syslog, CEF.
- Infrastructure & Networking: Linux and Windows server administration; Networking fundamentals (TCP/IP, DNS, firewalls, proxies); Cloud platforms: AWS, Azure, GCP; Containerization: Docker, Kubernetes.
- Identity & Access Management: SSO protocols: SAML, OAuth, OpenID Connect; MFA solutions: Duo, Okta, Azure MFA; LDAP/Active Directory integration; RBAC design and implementation.
- Data & Reporting: Log management and parsing; Data normalization and enrichment; Dashboard and visualization design (Splunk, Grafana, Kibana); Reporting and metrics.
- Frameworks & Standards: Clients Global Security Control Framework; ISO 27001, NIST Cybersecurity Framework, CIS Benchmarks; ITIL service management practices; Change management and configuration management.
Security Engineer in Birmingham employer: NTT DATA
Contact Detail:
NTT DATA Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Security Engineer in Birmingham
✨Tip Number 1
Network, network, network! Get out there and connect with people in the security field. Attend industry events, join online forums, and don’t be shy about reaching out on LinkedIn. You never know who might have the inside scoop on job openings!
✨Tip Number 2
Prepare for interviews like a pro! Research NTT DATA and understand their security services. Be ready to discuss how your experience aligns with their needs, especially around security tooling and integration. Practice common interview questions and have your own questions ready to show your interest.
✨Tip Number 3
Show off your skills! If you’ve worked with SIEM platforms or have experience in vulnerability management, make sure to highlight that in conversations. Consider creating a portfolio of projects or case studies that demonstrate your expertise in security operations.
✨Tip Number 4
Apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re genuinely interested in joining NTT DATA. Don’t forget to follow up after applying; a little persistence can go a long way!
We think you need these skills to ace Security Engineer in Birmingham
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Security Tooling Engineer role. Highlight relevant experience with security platforms, SIEM tools, and any specific technologies mentioned in the job description. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about security engineering and how your background makes you a great fit for our team. Don’t forget to mention any innovative solutions you've implemented in the past.
Showcase Your Technical Skills: Be sure to list your technical skills clearly, especially those related to security operations and tooling. Mention your hands-on experience with SIEM platforms like Splunk, as well as any scripting or automation tools you've used. We love seeing that expertise!
Apply Through Our Website: We encourage you to apply through our website for the best chance of getting noticed. It’s super easy, and you’ll be able to keep track of your application status. Plus, we love seeing candidates who take the initiative to connect directly with us!
How to prepare for a job interview at NTT DATA
✨Know Your Security Tools
Make sure you’re well-versed in the specific security tools mentioned in the job description, especially SIEM platforms like Splunk. Brush up on your experience with EDR and vulnerability management tools, as these will likely come up during the interview.
✨Demonstrate Problem-Solving Skills
Prepare to discuss past incidents where you had to troubleshoot or resolve security issues. Use the STAR method (Situation, Task, Action, Result) to structure your answers, showcasing how you effectively managed incidents and improved security operations.
✨Understand Integration and Automation
Familiarise yourself with integration processes and automation tools relevant to security platforms. Be ready to explain how you’ve used APIs, scripting, or automation tools like Ansible or Terraform to enhance security operations in previous roles.
✨Showcase Your Governance Knowledge
Since governance is a key aspect of this role, be prepared to discuss your understanding of access management, RBAC implementation, and compliance with frameworks like ISO 27001 or NIST. Highlight any experience you have with conducting access reviews or maintaining auditable logs.
