DevSecOps Engineer

NTT DATA Services•Bethesda, OH

1d•$65,592 - $136,650•Remote

About The Position

The DevSecOps Engineer is responsible for architecting, implementing, and maintaining secure, automated, and resilient DevSecOps pipelines and cybersecurity controls across the software development lifecycle. This role is critical to ensuring that all client components—including cloud, IoT, edge, and data systems—are developed, deployed, and operated in compliance with cybersecurity, privacy, and risk management requirements. The engineer works closely with software, infrastructure, and security teams to integrate security best practices into CI/CD pipelines, automate compliance checks, and support continuous monitoring, vulnerability management, and incident response. The DevSecOps Engineer is responsible for implementing and maintaining infrastructure as code (IaC), automated testing, secure configuration baselines, and security gates for all client environments, including AWS GovCloud and edge gateways. The position requires hands-on experience with DevSecOps toolchains (e.g., Terraform, Kubernetes, Inspector, Security Hub), secure SDLC, and DoD RMF/IL4 controls. The engineer maintains comprehensive documentation, supports audits and ATO processes, and ensures that all client solutions are auditable, secure, and optimized for operational readiness and regulatory compliance.

Requirements

Bachelor’s degree in Cybersecurity, Computer, Electrical, or Electronics Engineering, or Mathematics with a concentration in computer science or equivalent
Minimum 3 years of experience with cybersecurity engineering
Must be US citizen with the ability to obtain a Secret Clearance

Nice To Haves

Proficiency with DevSecOps toolchains (e.g., Terraform, Kubernetes, AWS Inspector, Security Hub, SOAR platforms)
Experience with secure SDLC, vulnerability management, and continuous monitoring in DoD or federal environments
Familiarity with AWS GovCloud, cloud security, and infrastructure as code (IaC)
Knowledge of DoD RMF, IL4/IL5, and FedRAMP requirements for cybersecurity and compliance
Strong documentation and communication skills, including the ability to produce compliance artifacts and technical guides
Experience supporting audit, ATO, and risk management processes for federal systems
Information Assurance Management (IAM) or Information Assurance Technical (IAT) or Information Assurance System Architect and Engineer (IASAE) Level I (position-based) per DoD 8570.1M3

Responsibilities

Design, implement, and maintain secure CI/CD pipelines and DevSecOps automation for cloud, edge, and data environments
Integrate security controls, automated compliance checks, and vulnerability scanning into all stages of the software development lifecycle
Develop and maintain infrastructure as code (IaC) for AWS GovCloud, IoT gateways, and supporting systems
Implement and enforce secure configuration baselines, access controls, and monitoring for all client components
Support continuous monitoring, incident response, and vulnerability management in compliance with DoD RMF, IL4, and FedRAMP requirements
Collaborate with software, infrastructure, and security teams to ensure secure deployment and operation of solutions
Maintain comprehensive documentation for DevSecOps processes, security controls, and compliance artifacts
Support audit, ATO, and risk management processes, including evidence collection and remediation of findings
Provide technical support for user acceptance testing, deployment, and ongoing operations of client environments
Participate in security assessments, code reviews, and compliance audits as required by contract and SOW