Senior Security Platform Engineer

Make an impact at NTT Global Data Centers

Join NTT Global Data Centers and be part of a team that drives innovation and sustainability in the digital world. With over 150 data centers across more than 20 countries globally, we offer unparalleled opportunities to work on cutting-edge technology and transformative projects. Experience a collaborative, innovative, and inclusive workplace where your ideas are valued, and your growth is supported.

Your role at a glance

The Senior Security Platform Engineer is an advanced subject matter expert, responsible for facilitating problem resolution and mentoring for the overall Global Data Centers Office of Information Security (GDC-OIS) team. This role is critical in improving, developing and maintaining IT/OT vulnerability management programs and processes.

This role performs and leads important tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning).

The Senior Security Platform Engineer is responsible for detecting and monitoring escalated threats and suspicious activity affecting the organization's technology domain (servers, networks, appliances and all infrastructure supporting production applications and services for the enterprise, as well as OT and development environments).

What we are looking for

Key Responsibilities: Serves as a senior member of a 24/7 global GDC Cybersecurity team, providing leadership in IT/OT environments with required expertise in ICS and SCADA systems. Leads the administration and optimization of enterprise security platforms, overseeing lifecycle management including break-fix, patching, version upgrades, and integration with broader security ecosystems. Directs complex security incident response efforts across multiple vectors—endpoint protection, EDR, malware analysis, network and computer forensics—ensuring rapid containment and root cause analysis. Designs and executes advanced vulnerability assessments using both automated and manual techniques; collaborates with stakeholders to prioritize remediation based on business risk and threat intelligence. Oversees continuous monitoring of threat intelligence feeds and security alerts, proactively identifying emerging risks and recommending strategic countermeasures. Interprets and synthesizes threat reports to guide architectural improvements and validate the effectiveness of current security controls. Partners with cross-functional teams to develop and implement enterprise-wide mitigation strategies, configuration baselines, and patch management frameworks. Champions automation initiatives to streamline incident response, threat detection, and reporting workflows, leveraging available security platforms and scripting. Maintains and evolves the knowledge base by authoring and reviewing technical articles, playbooks, and SOPs to ensure consistency and operational excellence. Leads post-incident reviews, driving service recovery, documentation, and implementation of preventive measures across teams and vendors. Provides expert-level guidance on specialized security domains and technologies, ensuring comprehensive and efficient resolution of escalated incidents. Ensures meticulous incident logging and fosters collaboration across internal teams, client IT environments, vendors, and carriers to expedite resolution. Conducts advanced data correlation and threat hunting across diverse sources—network traffic, email logs, malware samples, web server logs, DNS records—to uncover stealthy threats and improve detection capabilities. Leads strategic security projects, mentors junior engineers, and contributes to the evolution of the organization’s security posture through innovation and thought leadership. Knowledge and Attributes: Advanced expertise in architecting, implementing, and optimizing SIEM and security platforms across hybrid environments. Demonstrated leadership in ICS and SCADA security integration and monitoring within critical infrastructure. Deep knowledge on security architecture, with hands-on experience designing and integrating multi-layered security solutions across diverse technology stacks. Strategic customer engagement mindset with a proactive approach to anticipating security needs, influencing stakeholders, and driving continuous improvement in service delivery. Recognized as a strategic problem solver with a track record of resolving complex security challenges independently and leading cross-functional teams through ambiguity. Exceptional attention to detail in high-stakes environments, ensuring precision in threat detection, incident response, and documentation that supports audit and compliance. Advanced analytical acumen with the ability to synthesize threat intelligence, correlate multi-source data, and drive actionable insights for risk mitigation. Polished spoken and written communication skills with English as the preferred language. Proven leadership in global security teams, fostering collaboration across departments, mentoring junior engineers, and driving alignment between security operations and business objectives. Academic Qualifications and Certifications: Bachelor's degree or equivalent in Information Technology or related field. Relevant level of Security certifications such as CySA+, PenTest+, CCSP, GCIH, OSCP, CISM, CISSP etc. preferred. Required Experience: Advanced experience in Security technologies like (SIEM, PAM, IAM, PenTest, Threat Hunting, Firewall, Proxy etc.) preferably within a global IT services organization. 5-7 years experience of working in IT and/or Security Operation centers required. Experience in a Data Center environment an added plus. Advanced experience in Cloud Security a plus ICS and SCADA knowledge required. Advanced experience in technical support to clients. Advanced experience in diagnosis and troubleshooting. Advanced experience providing remote support in Security Technologies. Advanced experience in SOC/CSIRT Operations. Advanced experience in handling security incidents end to end. Advanced experience in Security Engineering. Advanced Knowledge on networking, Windows, Linux and security concepts. Advanced Seasoned experience in configuring/managing security controls such as RBAC, IAM, Zero Trust, UTM, Proxy, SOAR, etc.. Advanced Knowledge on log collection mechanism such as Syslog, Log file, DB API. Knowledge in security architecture. Physical Requirement: Primarily sitting with some walking, standing, and bending. Able to hear and speak into a telephone. Close visual work on a computer terminal. Dexterity of hands and fingers to operate any required to operate computer keyboard, mouse, and other technical instruments. Work Conditions and Other Requirements: This position is expected to be Hybrid for the foreseeable future with an occasional need to be onsite in a shared work environment. Must be comfortable with flexible working schedules across regions and their standard Time zones other than the base location. (US, EMEA & APAC) Extensive daily usage of workstation or computer. Must be comfortable working in a highly critical, fast paced environment with shifting priorities. Some domestic and/or international travel required, up to 25% of time. Perform work from a remote location with stable internet connection.

Who we are

As the third largest data center provider, we operate over 150 data centers in more than 20 countries and regions. We understand that every business – large and small – has its own unique needs and goals. We offer local-to-global data center expertise, aligned with our connected platform of AI-ready data centers to create solutions that enable our clients to seamlessly scale their digital businesses, anywhere and anytime.