Senior Security Solution Architect (Pre-sales)

Your day at NTT DATA
 

The Senior Security Solutions Architect is an advanced subject matter expert responsible for consulting with clients and partnering with internal Technology Solutions teams to define security-focused strategies, transformational designs, and architectural visions for complex, enterprise-scale solutions.

This role provides multi-technology and cybersecurity consulting services across application, infrastructure, cloud, data, and security technology domains, ensuring that solutions are designed and delivered in alignment with modern security frameworks, industry best practices, and client risk profiles.

Key Responsibilities:

• Contributes to the development of complex security-centric solution architectures across business, infrastructure, application, and cloud environments.

• Identifies and evaluates alternative security architectures and analyzes trade-offs in risk reduction, cost, performance, and scalability.

• Produces specifications for cloud or on‑premises components with an emphasis on security controls, identity and access management, encryption standards, network segmentation, and compliance requirements.

• Designs components using modelling techniques that incorporate security‑by‑design principles, Zero Trust concepts, and industry frameworks (e.g., NIST CSF, ISO 27001).

• Creates multiple design views for stakeholder concerns, including non‑functional security requirements, and develops security proof‑of‑concepts (POCs).

• Supports change programs with technical planning aligned to enterprise security architecture standards and regulatory requirements.

• Ensures solutions meet data protection and cybersecurity obligations (GDPR, HIPAA, PCI‑DSS, SOC 2).

• Leads understanding of client security requirements, gathers and analyzes threat/risk data, and provides expert remediation guidance.

• Advises clients on security modernization, cloud security, secure application design, and emerging cybersecurity practices.

• Recommends new security services and contributes to security go‑to‑market offerings.

• Provides coaching and mentoring to less experienced architects and engineers.

• Design and deliver secure architectures for AI-driven and agentic systems (LLMs, RAG, autonomous agents), addressing emerging risks such as prompt injection, data poisoning, and model/data leakage

• Define and implement security controls across the AI lifecycle (data, model, inference, orchestration), embedding governance, identity, and policy into LLMOps/MLOps pipelines

• Advise clients on securing human-to-agent and agent-to-agent interactions, applying zero trust principles and ensuring auditability, compliance, and safe autonomous behavior in production environments

Knowledge and Attributes

• Advanced knowledge of security architecture, IAM, PAM, endpoint protection, cloud security, network security, and threat modelling.

• Strong understanding of multi‑vendor security technologies and security operations tooling (SIEM, SOAR, vulnerability management).

• Excellent communication skills with the ability to present complex security concepts clearly.

• Ability to design and leverage security reference architectures and stay current on evolving threats.

• Strong collaboration skills with sales, product, delivery, engineering, and security operations teams.

• Advanced analytical and risk‑assessment skills.

Academic Qualifications and Certifications (Focused on Cisco, Palo Alto, Fortinet, Check Point)

• Bachelor’s degree in computer science, engineering, cybersecurity, or related field (or equivalent experience).

• Strongly preferred certifications: Cisco: (CCNP Security, CCIE Security, CyberOps) and/or Palo Alto Networks: (PCNSA, PCNSE) and/or Fortinet: (NSE4–NSE7 (especially NSE5–NSE7)) and /or Check Point: (CCSA, CCSE, CCSM)

• Additional cybersecurity certifications beneficial but secondary to vendor expertise

• SAFe Scaled Agile certification advantageous

• Familiarity with frameworks such as TOGAF or SABSA beneficial.

Required Experience (Vendor‑Focused)

• Advanced hands‑on experience designing, implementing, integrating, and troubleshooting solutions from: Cisco (Firepower, ASA, ISE, Umbrella, SecureX, VPN solutions), Palo Alto Networks (NGFW, Panorama, GlobalProtect, Prisma Access/Cloud), Fortinet (FortiGate, FortiManager, FortiAnalyzer, FortiAuthenticator, SD‑WAN), Check Point (Quantum Security Gateway, Management Server, CloudGuard, Infinity)

• Experience with secure network design, segmentation, threat prevention, IPS/IDS, URL filtering, and advanced malware protection.

• Experience integrating logging, monitoring, and SIEM/SOAR systems.

• Experience with secure remote access, VPN architecture, and Zero Trust design.

• Experience integrating solutions into hybrid/multi‑cloud environments (AWS, Azure, GCP).

• Experience in client‑facing security consulting, including requirements gathering and risk analysis.

• Experience working in Agile or DevSecOps environments preferred.

• Demonstrated ability to develop and deliver security‑focused technical solutions for enterprise clients.