NTT DATA

Cloud Compliance Manager - Austin, TX

NTT DATA, Austin, Texas, US, 78716

NTT DATA strives to hire exceptional, innovative, and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now. We are currently seeking a Cloud Compliance Manager to join our team in Austin, Texas (US-TX), United States (US).

The Cloud Compliance Manager is a lead individual contributor role responsible for ensuring that cloud-based systems and services comply with internal policies, industry standards, and government regulations. This role serves as a bridge between cloud engineering, cybersecurity, GRC (governance, risk, and compliance), and business stakeholders, providing strategic oversight, hands-on control implementation guidance, and audit readiness support. The ideal candidate has strong knowledge of cloud platforms (e.g., AWS, Azure, GCP), compliance frameworks (e.g., FedRAMP, SOC 2, ISO 27001, NIST), and experience in regulated environments such as finance, healthcare, or public sector.

Compliance Program Strategy

- Develop and maintain an effective audit and compliance program strategy based on client requirements.
- Evaluate, interpret, and ensure clarity of contractual audit and compliance obligations and client objectives
- Implement and drive governance, risk, and compliance approach to promote ongoing audit readiness and to contribute toward effective IT security hygiene and management of risk

Governance:

- Maintain and enforce cloud compliance requirements aligned to frameworks such as FedRAMP, NIST 800-53, SOC 2, ISO 27001, and/or GDPR
- Develop and/or drive update of cloud compliance policies, standards, and procedures
- Serve as the point of contact for internal/external audits, assessments, and regulatory inquiries
- Provide oversight and guidance for internal/external audits and assessments
- Drive recurring internal assessment of controls environment to ensure compliance with information security policies and established security controls; facilitate remediation
- Maintain annual audit calendar for supported client
- Maintain IT security controls library and documentation repository for supported client
- Coordinate the collection of audit evidence and provide timely response to support audits and/or assessments from internal/external auditors/assessors
- Drive and monitor remediation efforts related to internal/external audit exceptions, findings, and other relevant scope
- Coordinate and perform recurring logical access reviews and drive post-review actions
- Maintain alignment with contractual Service Level Agreements related to Audit & Compliance program including support tickets, remediation, and other key measures.

Risk Management

- Conduct risk assessments, gap analyses, and control testing related to cloud operations and data security
- Maintain and monitor Plans of Action & Milestones (POA&Ms) and risk registers for cloud systems
- Track non-compliances and drive remediation efforts in coordination with system owners

Cross-Functional Collaboration

- Collaborate with cloud engineers, architects, and DevOps to ensure compliant-by-design controls across cloud infrastructure and services
- Evaluate third-party tools and services for compliance risks and cloud vendor adherence (AWS and Azure)
- Liaise with Legal, Privacy, Security, and IT teams to interpret compliance obligations
- Work closely with project teams and vendors to ensure contractual and technical alignment with compliance requirements
- Educate internal teams on cloud compliance best practices through documentation, workshops, and consultation.

Required Skills & Experience

- U.S. Citizenship required (due to federal client access)
- Must have or be eligible to obtain DoD/DoE Public Trust or Clearance
- Minimum of 5+ years hands-on experience with cloud architecture: AWS and Azure specifically
- Minimum of 5 years of hands-on information technology operations experience and a strong knowledge of IT security standards and IT Security best practices, to include application of risk management concepts
- Minimum of 2 years recent audit experience spanning at least 2 full cycles of any 2 of the following: SSAE18 SOC1 Type 2/SOC2 Type 2, SOX, PCI-DSS, HIPAA, ISO/IEC 27001, or equivalent
- Must have knowledge and experience with applications of IT Security frameworks such as: PCI DSS, ISO/IEC 27001, CIS, NIST 800-53, NIST CSF, etc.
- Experience with FedRAMP, FISMA, or StateRAMP compliance

Desired Skills / Certs:

- Experience working in a matrixed cross-functional environment within a service organization
- Experience in a client-facing role
- Ability to drive IT teams to ensure timely delivery of audit and compliance services
- Strong oral and written communications
- Solid critical thinking and problem-solving skills
- Ability to manage competing priorities and comfortable working through ambiguity
- Ability to work in a fast-paced environment within an ITO organization
- Strong interpersonal relationship building and business acumen
- One or more of the following professional certifications: CISA, CISSP, CISM, CRISC, CGEIT, ITIL and/or equivalent
- Undergraduate degree in Information Technology, Computer Science, or a related - Graduate degree preferred