NTT DATA is a $30 billion business and technology services leader, serving 75% of the Fortune Global 100. We are committed to accelerating client success and positively impacting society through responsible innovation. We are one of the world's leading AI and digital infrastructure providers, with unmatched capabilities in enterprise-scale AI, cloud, security, connectivity, data centers, and application services. Our consulting and Industry solutions help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have experts in more than 50 countries. We also offer clients access to a robust ecosystem of innovation centers as well as established and start-up partners. NTT DATA is a part of NTT Group, which invests over $3 billion each year in R&D.
DevSecOps Engineer
Location
United States
Posted
5 days ago
Salary
$65.6K - $136.7K / year
Seniority
Mid Level
No structured requirement data.
Job Description
DevSecOps Engineer
NTT DATA Services
Role Description The DevSecOps Engineer is responsible for architecting, implementing, and maintaining secure, automated, and resilient DevSecOps pipelines and cybersecurity controls across the software development lifecycle. This role is critical to ensuring that all client components—including cloud, IoT, edge, and data systems—are developed, deployed, and operated in compliance with cybersecurity, privacy, and risk management requirements. The engineer works closely with software, infrastructure, and security teams to integrate security best practices into CI/CD pipelines, automate compliance checks, and support continuous monitoring, vulnerability management, and incident response. The DevSecOps Engineer is responsible for implementing and maintaining infrastructure as code (IaC), automated testing, secure configuration baselines, and security gates for all client environments, including AWS GovCloud and edge gateways. The position requires hands-on experience with DevSecOps toolchains (e.g., Terraform, Kubernetes, Inspector, Security Hub), secure SDLC, and DoD RMF/IL4 controls. The engineer maintains comprehensive documentation, supports audits and ATO processes, and ensures that all client solutions are auditable, secure, and optimized for operational readiness and regulatory compliance. - Design, implement, and maintain secure CI/CD pipelines and DevSecOps automation for cloud, edge, and data environments - Integrate security controls, automated compliance checks, and vulnerability scanning into all stages of the software development lifecycle - Develop and maintain infrastructure as code (IaC) for AWS GovCloud, IoT gateways, and supporting systems - Implement and enforce secure configuration baselines, access controls, and monitoring for all client components - Support continuous monitoring, incident response, and vulnerability management in compliance with DoD RMF, IL4, and FedRAMP requirements - Collaborate with software, infrastructure, and security teams to ensure secure deployment and operation of solutions - Maintain comprehensive documentation for DevSecOps processes, security controls, and compliance artifacts - Support audit, ATO, and risk management processes, including evidence collection and remediation of findings - Provide technical support for user acceptance testing, deployment, and ongoing operations of client environments - Participate in security assessments, code reviews, and compliance audits as required by contract and SOW Qualifications - Bachelor’s degree in Cybersecurity, Computer, Electrical, or Electronics Engineering, or Mathematics with a concentration in computer science or equivalent - Minimum 3 years of experience with cybersecurity engineering - Must be US citizen with the ability to obtain a Secret Clearance Requirements - Proficiency with DevSecOps toolchains (e.g., Terraform, Kubernetes, AWS Inspector, Security Hub, SOAR platforms) - Experience with secure SDLC, vulnerability management, and continuous monitoring in DoD or federal environments - Familiarity with AWS GovCloud, cloud security, and infrastructure as code (IaC) - Knowledge of DoD RMF, IL4/IL5, and FedRAMP requirements for cybersecurity and compliance - Strong documentation and communication skills, including the ability to produce compliance artifacts and technical guides - Experience supporting audit, ATO, and risk management processes for federal systems - Information Assurance Management (IAM) or Information Assurance Technical (IAT) or Information Assurance System Architect and Engineer (IASAE) Level I (position-based) per DoD 8570.1M3 Benefits - Medical, dental, and vision insurance with an employer contribution - Flexible spending or health savings account - Life and AD&D insurance - Short and long term disability coverage - Paid time off - Employee assistance - Participation in a 401k program with company match - Additional voluntary or legally-required benefits
Related Guides
Related Categories
Related Job Pages
More DevOps Engineer Jobs
Senior DevOps Engineer
BorrowellBorrowell is a financial technology company based in Toronto, Ontario, Canada, that provides free credit score reporting and monitoring and a range of other fin
• We are seeking a Senior DevOps Engineer to design, automate, and manage the mission-critical cloud infrastructure supporting our marketplace. • As a key member of our DevOps team, you will drive our Infrastructure-as-Code (IaC) strategy, develop tools to simplify our deployment processes, and integrate automated testing into our delivery pipelines. • This is a collaborative, cross-functional role requiring close partnership with development, security, and QA teams. The ideal candidate is a proactive engineer with a strong foundation in cloud platforms, CI/CD automation, containerization, and security best practices, dedicated to helping us deliver reliable services to 4 million members.
• Design and manage scalable, secure, and highly available infrastructure on Google Cloud Platform (GCP) • Develop and maintain Infrastructure as Code (IaC) using Terraform or Deployment Manager • Build and optimize CI/CD pipelines using tools like Cloud Build, GitHub Actions, or Jenkins • Implement and manage GKE (Google Kubernetes Engine) clusters, including autoscaling, monitoring, and security • Set up and manage Cloud Monitoring, Cloud Logging, and Error Reporting for observability • Automate operational tasks using Python • Ensure compliance with security best practices using IAM, VPC Service Controls, and Cloud Armor • Collaborate with development teams to support microservices architecture and service mesh (e.g., CloudRun, CloudFunction) • Lead incident response and root cause analysis for production issues • Mentor junior DevOps engineers and contribute to DevOps best practices and documentation
• Design, build, and operate cloud infrastructure (GCP preferred) using infrastructure-as-code, with an emphasis on repeatability, security, and cost efficiency. • Own and continuously improve CI/CD pipelines. Automated integration and unit testing, provisioning, deployments, and rollbacks to keep delivery fast and safe. • Build and maintain observability across the platform, including monitoring, logging, tracing, alerting, and meaningful dashboards that surface issues before customers do. • Improve and advance our security posture: secrets management, encryption in transit and at rest, IAM and least-privilege access, network segmentation, and vulnerability management across all infrastructure. • Drive compliance readiness by partnering with security and leadership to maintain, automate, and provide evidence for controls across frameworks such as SOC 2, ISO 27001, GDPR, (HIPAA a plus), including audit support and continuous control monitoring. • Lead incident response and the on-call rotation; drive blameless postmortems, reduce mean-time-to-recovery, and turn lessons learned into lasting fixes. • Define and uphold reliability targets (SLOs/SLIs), capacity planning, and performance tuning as we scale across countries and industries. • Leverage AI-powered tooling (Claude Code, Cursor, GitHub Copilot, and others) to accelerate infrastructure-as-code, automation, and internal tooling, and to improve incident triage and response. • Partner with engineering to improve developer experience and deployment velocity, removing friction and automating away toil. • Drive a culture of operational excellence, reliability, security, and continuous improvement across the engineering organization. • Set technical direction for platform and infrastructure, and mentor engineers on DevOps, reliability, and security best practices. • Continuously evaluate and adopt emerging AI-powered tools and workflows to improve infrastructure speed, quality, and security.
Senior DevOps Engineer
TrueMLTrueML is a fintech company building software to create positive experiences for consumers seeking financial health.
• Implement the technical roadmap for Infrastructure as Code (IaC), CI/CD evolution, and cloud-native architecture to support TrueML’s scaling needs. • Design, develop, and maintain self-service internal platforms to reduce developer cognitive load, enabling feature teams to deploy and manage services with minimal friction at increased velocity. • Act as a core steward for cloud spend (AWS), proactively identifying and driving cost-optimization initiatives across our infrastructure. • Build and maintain infrastructure architecture that supports strict High Availability (HA) requirements and robust Disaster Recovery (DR) protocols across multiple regions. • Implement and evolve comprehensive monitoring, logging, and distributed tracing systems, leveraging AIOps to move from reactive to predictive system maintenance.
