This job offer is no longer available
About
DevOps Engineer Description:
This is a hands-on, deep-specialist role. We are deliberately not hiring a broad DevOps generalist who lists GitLab among ten other tools. We want someone who knows the product intimately, stays current with its fast-moving release cycle, and treats the platform as a product in its own right.
You will work in a security-conscious, regulated environment, so we need someone who is comfortable making security a first-class concern in everything they build and who is willing to speak up when something isn't right.
Must-Have Qualifications
- GitLab self-managed administration. Direct, recent experience administering self-managed GitLab (not GitLab.com SaaS). You have personally handled upgrades, backups, high-availability configurations, runner management, and performance tuning.
- CI/CD pipeline architecture. You design and maintain reusable pipeline templates and parent/child pipeline structures, and you've integrated pipelines with security scanners and artifact repositories. We use JFrog and Wiz; experience with these specifically is a plus.
- GitLab Runner management at scale. You understand the trade-offs between shared, group, and project-scoped runners, and you've operated runners using the Kubernetes executor on EKS.
- Authentication and access control. You've implemented and maintained SAML/SSO/LDAP integration and designed group and project permission models at enterprise scale.
- Infrastructure-as-code fluency. You're fluent in Terraform, ideally including the GitLab provider, and you instinctively manage configuration as code rather than clicking through the UI.
Strong Nice-to-Haves
- GitLab Geo experience, including replication and disaster-recovery scenarios.
- Container Registry and Package Registry administration.
- Migration experience such as onboarding organizations into GitLab, or executing major version upgrades on self-managed instances.
- Hands-on experience integrating GitLab with Kubernetes/EKS for runner workloads and deployment pipelines.
- Federal or regulated-industry exposure: FedRAMP, IL5, NIST 800-53, and familiarity with the ATO process.
Security Responsibilities
Security is not a separate workstream in this role - it's built into the platform you operate.
You will:
- Integrate and maintain security and vulnerability scanning (e.g., Wiz, SAST/DAST, dependency and container scanning) directly within CI/CD pipelines, and ensure findings are visible and actionable for engineering teams.
- Harden the GitLab platform itself: enforce least-privilege access models, manage secrets and CI/CD variables securely, and keep the environment patched and current with security releases.
- Implement and maintain supply-chain security controls, such as signed artifacts, trusted artifact repositories (JFrog), and policies that prevent untrusted dependencies from entering builds.
- Support audit, logging, and compliance requirements, and help maintain the platform's posture against frameworks such as NIST 800-53 in support of FedRAMP/IL5 and ATO obligations.
- Partner with security and compliance teams to translate control requirements into enforceable, automated platform configuration.
Languages
- English