NTT DATA is a business and technology services leader, and they are seeking a DevSecOps Engineer to join their team. The role involves architecting, implementing, and maintaining secure DevSecOps pipelines and cybersecurity controls across the software development lifecycle.
Responsibilities:
- Design, implement, and maintain secure CI/CD pipelines and DevSecOps automation for cloud, edge, and data environments
- Integrate security controls, automated compliance checks, and vulnerability scanning into all stages of the software development lifecycle
- Develop and maintain infrastructure as code (IaC) for AWS GovCloud, IoT gateways, and supporting systems
- Implement and enforce secure configuration baselines, access controls, and monitoring for all client components
- Support continuous monitoring, incident response, and vulnerability management in compliance with DoD RMF, IL4, and FedRAMP requirements
- Collaborate with software, infrastructure, and security teams to ensure secure deployment and operation of solutions
- Maintain comprehensive documentation for DevSecOps processes, security controls, and compliance artifacts
- Support audit, ATO, and risk management processes, including evidence collection and remediation of findings
- Provide technical support for user acceptance testing, deployment, and ongoing operations of client environments
- Participate in security assessments, code reviews, and compliance audits as required by contract and SOW
Requirements:
- Bachelor's degree in Cybersecurity, Computer, Electrical, or Electronics Engineering, or Mathematics with a concentration in computer science or equivalent
- Minimum 3 years of experience with cybersecurity engineering
- Must be US citizen with the ability to obtain a Secret Clearance
- Proficiency with DevSecOps toolchains (e.g., Terraform, Kubernetes, AWS Inspector, Security Hub, SOAR platforms)
- Experience with secure SDLC, vulnerability management, and continuous monitoring in DoD or federal environments
- Familiarity with AWS GovCloud, cloud security, and infrastructure as code (IaC)
- Knowledge of DoD RMF, IL4/IL5, and FedRAMP requirements for cybersecurity and compliance
- Strong documentation and communication skills, including the ability to produce compliance artifacts and technical guides
- Experience supporting audit, ATO, and risk management processes for federal systems
- Information Assurance Management (IAM) or Information Assurance Technical (IAT) or Information Assurance System Architect and Engineer (IASAE) Level I (position-based) per DoD 8570.1M3