Job Description

We're a business with a global reach that empowers local teams, and we undertake hugely exciting work that is genuinely changing the world. Our advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects.


Our inclusive work environment prioritises mutual respect, accountability, and continuous learning for all our people. This approach fosters collaboration, well-being, growth, and agility, leading to a more diverse, innovative, and competitive organisation. We are also proud to share that we have a range of Inclusion Networks such as: the Women's Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network.


For more information on Diversity, Equity and Inclusion please click here: Creating Inclusion Together at NTT DATA UK | NTT DATA

KEY RESPONSIBILITIES

Security Architecture Design Support

Create straightforward architecture designs for network and infrastructure projects under direct supervision Develop network security diagrams, security zone models, and data flow diagrams following design standards Support enterprise architecture teams with security requirements and design input Document security design decisions and architectural rationale clearly Contribute to security reference architectures and reusable design patterns Participate in architecture review sessions and incorporate feedback into designs

Network Security Design and Implementation

Design network security solutions including firewall architectures, network segmentation, and DMZ configurations Create detailed firewall rulesets, access control lists, and security policy designs Design VPN solutions for site-to-site and remote access connectivity Develop network security diagrams showing security zones, trust boundaries, and data flows Support implementation of network security controls following approved designs Document network security configurations and change procedures

Security Technology Solution Design

Design security technology solutions including SIEM, endpoint protection, and monitoring platforms Create technical specifications for security tool deployments under supervision Support proof of concept activities for security technology evaluations Design integration approaches for security tools within existing infrastructure Document technical requirements and implementation procedures for security solutions Assist with security technology vendor assessments and product selection

Infrastructure Hardening Design

Design security hardening standards for servers, network devices, and endpoints under supervision Create secure baseline configurations aligned with CIS Benchmarks and industry standards Develop security configuration policies and validation procedures Design automated hardening and compliance checking solutions Document security configuration requirements for infrastructure components Support security configuration assessments and remediation planning

Security Design Documentation

Produce high-quality security architecture documents and design specifications under supervision Create technical diagrams including network topology, security architecture, and data flow diagrams Develop security design standards and implementation guidelines Maintain design document repositories and configuration management Write technical security procedures and operational runbooks Contribute to security architecture governance and design review processes

Technical Security Assessment Support

Support security architecture reviews and design assessments under supervision Validate security control implementations against design requirements Conduct technical security gap analyses and identify design weaknesses Assess security risks in infrastructure designs and recommend mitigations Perform security configuration reviews and compliance assessments Document assessment findings and remediation recommendations

KEY PERFORMANCE INDICATORS

Quality and completeness of security designs and technical documentation produced Successful implementation of security solutions based on approved designs Client and stakeholder satisfaction with security design deliverables Accuracy of security configurations and minimal rework required Progress in professional development and certification achievements Contribution to security design standards and best practices

REQUIRED SKILLS & COMPETENCIES

Security Architecture and Design Expertise

Solid understanding of security architecture principles and design patterns Knowledge of network security architectures including defense in depth and zero trust Understanding of security zone models, network segmentation, and DMZ designs Familiarity with security frameworks (NIST CSF, ISO 27001, CIS Controls) Awareness of secure design principles for cloud and hybrid environments

Network and Infrastructure Technical Skills

Network security:

Firewalls, IPS/IDS, VPNs, proxies, NAC, load balancers

Network protocols:

Deep TCP/IP knowledge, routing protocols (BGP, OSPF), MPLS

Switching and routing:

VLANs, VXLANs, spanning tree, port security

Security platforms:

Palo Alto, Cisco ASA/Firepower, Fortinet, Check Point

Virtualization:

VMware NSX, network virtualization, micro-segmentation

Security Technology Knowledge

SIEM platforms:

Splunk, QRadar, Azure Sentinel, ELK Stack

Endpoint protection:

CrowdStrike, Carbon Black, Microsoft Defender

Network monitoring:

NetFlow, IPFIX, packet capture, network behavior analysis

Identity and access:

Active Directory, Azure AD, LDAP, RADIUS, TACACS+

Cloud security:

AWS VPC, Azure Virtual Networks, GCP VPC security

Design and Documentation Tools

Diagramming:

Microsoft Visio, Lucidchart, draw.io, enterprise architecture tools

Infrastructure as Code:

Terraform, CloudFormation, Ansible basics

Version control:

Git, document management systems

Collaboration:

Confluence, SharePoint, technical wikis

Project management:

Jira, ServiceNow, project documentation tools

Professional Skills

Clear technical communication with engineering teams and stakeholders Ability to translate security requirements into technical designs Collaborative approach to working with network, infrastructure, and security teams Problem-solving skills for complex security design challenges Attention to detail in technical specifications and documentation Time management and ability to prioritize multiple design activities

Certifications Required

CCNA Security

or

SSCP

(Systems Security Certified Practitioner) - Mandatory

Network security certification:

Fortinet NSE4, Palo Alto PCNSA/PCNSE, or Cisco CyberOps - Required

Security+

or equivalent foundation certification - Required

Working toward:

CISSP Associate, CCNP Security, or security architecture certifications

Eligible:

UK SC security clearance

MINIMUM QUALIFICATIONS

Experience

2-4 years of experience in network engineering, security engineering, or infrastructure roles 1-2 years designing or implementing network security solutions Hands-on experience with firewalls, routers, switches, and security technologies Experience creating technical documentation and architecture diagrams Familiarity with security design principles and frameworks

Project Responsibilities:

Execute security design work packages on client and internal projects Deliver technical security designs and implementation documentation Support security technology deployments and configuration activities

CERTIFICATION AND PROFESSIONAL DEVELOPMENT

Professional Requirements

CCNA Security or SSCP

demonstrating networking and security foundations

Vendor security certification

in firewall or security platform technologies

Security+

as baseline security knowledge certification

Continuous learning

in emerging security technologies and design patterns

Development Expectations

Progress toward advanced certifications (CISSP, CCNP Security, CCSP) Develop specialized skills in cloud security architecture or specific security domains Regular participation in technical training and vendor certification programs Contribution to internal security design standards and best practices Preparation for progression to P3 Infrastructure Security Design Consultant

WORK ENVIRONMENT

Technical design and engineering environment with client project delivery Collaboration with network, infrastructure, cloud, and security operations teams Mix of design activities, technical implementation support, and documentation Exposure to diverse security technologies and enterprise architectures Hybrid working model with occasional client site visits for design workshop

TECHNICAL COMPETENCY AREAS

Core Design Capabilities

Network security architecture:

Firewall designs, DMZ, network segmentation, VPN, zero trust

Security technology design:

SIEM, endpoint protection, monitoring, detection platforms

Identity architecture:

AD design, federation, MFA, privileged access management

Data protection design:

Encryption, DLP, backup, disaster recovery architectures

Cloud security design:

AWS, Azure, GCP security architecture patterns

Design Deliverables

High-level design documents with security architecture overview Low-level design documents with detailed technical specifications Network and security zone topology diagrams Data flow diagrams showing security control points Security configuration specifications and hardening guides



We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensure that there are continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options.


You can find more information about NTT DATA UK & Ireland here: https://uk.nttdata.com/


We are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a proud Disability Confident Committed Employer - we are committed to creating a diverse and inclusive workforce. We actively collaborate with individuals who have disabilities and long-term health conditions which have an effect on their ability to do normal daily activities, ensuring that barriers are eliminated when it comes to employment opportunities. In line with our commitment, we guarantee an interview to applicants who declare to us, during the application process, that they have a disability and meet the minimum requirements for the role. If you require any reasonable adjustments during the recruitment process, please let us know. Join us in building a truly diverse and empowered team.

This position is Birmingham based but offers Hybrid flexible working options.

Please note, you will need to be eligible for SC clearance

NTT DATA

is one of the world's largest global security service providers, partnering with some of the most recognized security technology brands. We're looking for passionate, curious, and motivated individuals to join our team.


Working under direct supervision, you will apply your developing expertise in security architecture, network security design, and infrastructure protection to create security designs, implement security controls, and support security engineering projects. You will contribute to infrastructure security solutions while building your skills in secure design patterns, security technologies, and architecture frameworks under the guidance of senior engineers and architects.