Cloud Compliance Manager - Austin, TX

Req ID: 335891 

NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.

We are currently seeking a Cloud Compliance Manager - Austin, TX to join our team in Austin, Texas (US-TX), United States (US).

NTT DATA strives to hire exceptional, innovative, and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.

We are currently seeking a Cloud Compliance Manager to join our Public Sector team preferred location in Austin, Texas (US-TX), United States (US), supporting the State of Texas Department of Information Resources (DIR) Public Cloud Manager role. This position ensures cloud-based systems and services align with Texas DIR requirements, including TX-RAMP and NIST 800-53V5 compliance frameworks, while fostering governance, risk management, and audit readiness.

The Cloud Compliance Manager is a lead individual contributor responsible for ensuring that cloud-based systems and services comply with State of Texas DIR policies, TX-RAMP, NIST 800-53V5, and other applicable regulations and standards. This role serves as a bridge between cloud engineering, cybersecurity, governance, risk, and compliance (GRC), and business stakeholders, providing strategic oversight, hands-on control implementation guidance, and audit readiness support. The ideal candidate has deep expertise in cloud platforms (e.g., AWS, Azure, GCP, OCI), compliance frameworks (e.g., NIST 800-53V5, TX-RAMP, SOC 2), and experience in public sector environments, particularly with Texas state government requirements.

Compliance Program Strategy

• Develop and maintain an effective audit and compliance program strategy aligned with State of Texas DIR requirements, TX-RAMP, and NIST 800-53V5.
• Evaluate, interpret, and ensure clarity of contractual audit and compliance obligations, including TX-RAMP and NIST 800-53V5 requirements, and align with client objectives.
• Implement and drive a governance, risk, and compliance (GRC) approach to promote ongoing audit readiness and effective IT security hygiene.
• Maintain and enforce cloud compliance requirements aligned with TX-RAMP, NIST 800-53V5, SOC 2, and Data Privacy/Data Sovereignty.
• Develop, update, and enforce cloud compliance policies, standards, and procedures specific to Texas DIR and TX-RAMP requirements.
• Serve as the primary point of contact for internal and external audits, assessments, and regulatory inquiries, including TX-RAMP assessments.
• Provide oversight and guidance for internal/external audits and TX-RAMP assessments, ensuring compliance with Texas DIR standards.
• Drive recurring internal assessments of the controls environment to ensure compliance with Texas DIR information security policies and NIST 800-53V5 controls; facilitate remediation as needed.
• Maintain an annual audit calendar for the supported client, including TX-RAMP and NIST 800-53V5-related audits.
• Maintain IT security controls library and documentation repository aligned with NIST 800-53V5 and TX-RAMP for the supported client.
• Coordinate the collection of audit evidence and provide timely responses to support audits and assessments from internal/external auditors/assessors.
• Drive and monitor remediation efforts related to audit exceptions, findings, and other relevant scopes, ensuring alignment with TX-RAMP and NIST 800-53V5.
• Coordinate and perform recurring logical access reviews and drive post-review actions to meet Texas DIR and TX-RAMP requirements.
• Maintain alignment with contractual Service Level Agreements (SLAs) related to the Audit & Compliance program, including support tickets, remediation, and other key measures.

Risk Management

• Conduct risk assessments, gap analyses, and control testing related to cloud operations and data security, with a focus on NIST 800-53V5 and TX-RAMP requirements.
• Maintain and monitor Plans of Action & Milestones (POA&Ms) and risk registers for cloud systems, ensuring compliance with Texas DIR and TX-RAMP standards.
• Track non-compliances and drive remediation efforts in coordination with system owners, prioritizing NIST 800-53V5 and TX-RAMP controls.

Cross-Functional Collaboration

• Collaborate with cloud engineers, architects, and DevOps/SecOps to ensure compliant-by-design controls across cloud infrastructure and services, adhering to TX-RAMP and NIST 800-53V5.
• Evaluate third-party tools and services for compliance risks and cloud vendor adherence (AWS, Azure, GCP, OCI) in accordance with Texas DIR and TX-RAMP requirements.
• Liaise with Legal, Privacy, Security, and IT teams to interpret and implement compliance obligations, including Texas DIR policies.
• Work closely with project teams and vendors to ensure contractual and technical alignment with TX-RAMP and NIST 800-53V5 requirements.
• Educate internal teams on cloud compliance best practices through documentation, workshops, and consultation, emphasizing Texas DIR and TX-RAMP standards.
• Understanding of security platforms that include Palo Alto, CrowdStrike, CyberArk and Qualys is preferred.

This critical role will support public sector (SLED) projects across all four hyperscalers: AWS, Azure, GCP, and OCI. These roles are not siloed and will be expected to wear multi-hats and cross train across all domains and work day to day with the larger dedicated team within the Cloud Practice.

Required Skills & Experience

• U.S. Citizenship required (due to federal and State of Texas client access requirements).
• Must be eligible and pass an FBI CJIS Background check. This is done every 12 months. 
• Minimum of 5+ years of hands-on experience with cloud architecture, specifically AWS and Azure, in a public sector environment.
• Minimum of 5 years of hands-on information technology operations experience with strong knowledge of IT security standards, IT security best practices, and application of risk management concepts aligned with NIST 800-53V5.
• Demonstrated knowledge and experience applying IT security frameworks such as NIST 800-53V5, TX-RAMP, PCI DSS, or NIST CSF.
• Experience with TX-RAMP, FEDRAMP, FISMA, or equivalent state/federal compliance frameworks.

Desired Skills & Certifications

• Experience working in a matrixed, cross-functional environment within a service organization.
• Experience in a client-facing role, particularly with Texas state government or public sector clients.
• Ability to drive IT teams to ensure timely delivery of audit and compliance services.
• Strong oral and written communication skills, with the ability to convey complex compliance requirements clearly.
• Solid critical thinking and problem-solving skills, with the ability to address TX-RAMP and NIST 800-53V5 compliance challenges.
• Ability to manage competing priorities and work through ambiguity in a fast-paced environment.
• Strong interpersonal relationship-building skills and business acumen, particularly in public sector contexts.
• One or more of the following professional certifications preferred: CISA, CISSP, CISM, CRISC, CGEIT, ITIL, or equivalent

About NTT DATA

NTT DATA is a $30 billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long term success. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure and connectivity. We are one of the leading providers of digital and AI infrastructure in the world. NTT DATA is a part of NTT Group, which invests over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. Visit us at us.nttdata.com

Whenever possible, we hire locally to NTT DATA offices or client sites. This ensures we can provide timely and effective support tailored to each client’s needs. While many positions offer remote or hybrid work options, these arrangements are subject to change based on client requirements. For employees near an NTT DATA office or client site, in-office attendance may be required for meetings or events, depending on business needs. At NTT DATA, we are committed to staying flexible and meeting the evolving needs of both our clients and employees. NTT DATA recruiters will never ask for payment or banking information and will only use @nttdata.com and @talent.nttdataservices.com email addresses. If you are requested to provide payment or disclose banking information, please submit a contact us form, https://us.nttdata.com/en/contact-us.

NTT DATA endeavors to make https://us.nttdata.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at https://us.nttdata.com/en/contact-us. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please click here. If you'd like more information on your EEO rights under the law, please click here. For Pay Transparency information, please click here.