NTT DATA is a leading business and technology services provider that is seeking a DevSecOps Engineer to join their team. The role involves architecting, implementing, and maintaining secure DevSecOps pipelines and cybersecurity controls, ensuring compliance with security and risk management requirements throughout the software development lifecycle.
Responsibilities:
- Design, implement, and maintain secure CI/CD pipelines and DevSecOps automation for cloud, edge, and data environments
- Integrate security controls, automated compliance checks, and vulnerability scanning into all stages of the software development lifecycle
- Develop and maintain infrastructure as code (IaC) for AWS GovCloud, IoT gateways, and supporting systems
- Implement and enforce secure configuration baselines, access controls, and monitoring for all client components
- Support continuous monitoring, incident response, and vulnerability management in compliance with DoD RMF, IL4, and FedRAMP requirements
- Collaborate with software, infrastructure, and security teams to ensure secure deployment and operation of solutions
- Maintain comprehensive documentation for DevSecOps processes, security controls, and compliance artifacts
- Support audit, ATO, and risk management processes, including evidence collection and remediation of findings
- Provide technical support for user acceptance testing, deployment, and ongoing operations of client environments
- Participate in security assessments, code reviews, and compliance audits as required by contract and SOW
Requirements:
- Bachelor's degree in Cybersecurity, Computer, Electrical, or Electronics Engineering, or Mathematics with a concentration in computer science or equivalent
- Minimum 3 years of experience with cybersecurity engineering
- Must be US citizen with the ability to obtain a Secret Clearance
- Proficiency with DevSecOps toolchains (e.g., Terraform, Kubernetes, AWS Inspector, Security Hub, SOAR platforms)
- Experience with secure SDLC, vulnerability management, and continuous monitoring in DoD or federal environments
- Familiarity with AWS GovCloud, cloud security, and infrastructure as code (IaC)
- Knowledge of DoD RMF, IL4/IL5, and FedRAMP requirements for cybersecurity and compliance
- Strong documentation and communication skills, including the ability to produce compliance artifacts and technical guides
- Experience supporting audit, ATO, and risk management processes for federal systems
- Information Assurance Management (IAM) or Information Assurance Technical (IAT) or Information Assurance System Architect and Engineer (IASAE) Level I (position-based) per DoD 8570.1M3