The Role
Seeking a Senior DevSecOps Consultant to design and implement a CMMC-aligned GitLab platform. Responsibilities include deploying GitLab on Kubernetes, establishing secure configurations, and ensuring compliance with NIST and CMMC requirements.
Summary Generated by Built In
Who We Are
At Trility Consulting®, we’ve built a strong, remote-work culture where people thrive, grow, and support each other – earning us Great Place to Work® Certification. Headquartered in Central Iowa, we embrace flexible schedules and collaboration across geographically distributed teams serving clients from all corners of the United States and globally.
We seek team members with the grit necessary to forge paths where none previously existed, to get back up when circumstances knock them down, to adapt to the changing needs of the client even when it is uncomfortable, and to deliver on our commitments. Candidates must respect and value people, recognize that over-communication is barely good enough, thrive on solving complex problems, have a passion for building teams, and know that delivering what a client actually values is more important than their own predispositions. They understand value proposition, love delivering value, and take pride in learning the expansive and ever-changing business of clients. Candidates are self-motivated and relentlessly working to become more today than they were yesterday.
What You Will Do
We are seeking a Senior DevSecOps Consultant to design and implement a CMMC-aligned GitLab platform within a regulated space/aerospace environment. This role will focus on architecting, deploying, and hardening a self-managed GitLab environment on Kubernetes using Crossplane, while establishing secure, scalable patterns that internal teams can operate long-term.
You will partner closely with the platform chief architect and engineering teams to define architecture decisions, implement secure configuration-as-code practices, and ensure the platform meets CMMC and NIST 800-171 requirements.
This is a remote 1099 position.
Key Responsibilities
- Design and implement a CMMC-aligned GitLab architecture supporting 250–500+ users
- Deploy and operate self-managed GitLab on Kubernetes using Crossplane
- Architect secure GitLab runner strategies (pooling, isolation, autoscaling) for mixed workloads
- Evaluate and document architectural approaches (single vs. segregated GitLab instances) with clear tradeoff analysis
- Translate NIST 800-171 and CMMC requirements into enforceable GitLab configurations and access controls
- Implement configuration-as-code using Terraform (e.g., GitLab provider) to ensure versioned, auditable, and repeatable platform management
- Design and implement RBAC, least-privilege models, and segregation of duties
- Establish drift detection and audit mechanisms to monitor and remediate unauthorized changes
- Integrate GitLab into the broader Kubernetes platform ecosystem, including GitOps workflows (e.g., ArgoCD)
- Produce architecture documentation, runbooks, and reference patterns to enable internal ownership and long-term sustainability
- Collaborate with cybersecurity, architecture review boards, and platform teams to validate compliance and design decisions
Qualifications
- 5+ years of experience in DevOps, Platform Engineering, or DevSecOps roles
- Hands-on experience deploying and operating self-managed GitLab in production environments
- Strong expertise with Kubernetes, including day-2 operations, networking, and observability
- Experience with Infrastructure as Code (Terraform strongly preferred)
- Experience designing and securing CI/CD pipelines and runner architectures
- Experience with Crossplane for Kubernetes-based resource provisioning
- Demonstrated experience implementing RBAC, least-privilege models, and configuration-as-code for platform services
- Experience working in regulated environments (CMMC, NIST 800-171, FedRAMP, DoD, aerospace/defense, financial services, etc.)
- Strong documentation and cross-functional communication skills
Nice to Have
- Familiarity with Cilium, Keycloak, ArgoCD, and related DevSecOps tooling
- Direct experience mapping NIST 800-171 / CMMC controls to technical implementations
- Experience supporting hybrid regulated and commercial workloads
How We Put You First
Trility’s culture is built upon the journey, character, and work ethic of our team members. We are a team of honorable and professional lifelong learners who work together to solve problems proactively.
• Work remotely anywhere in the United States with flexible work hours
• Sponsored and supported learning opportunities
Job Requirements
• Must reside within the United States
• Must be authorized to work in the United States without sponsorship now or in the future
• Must be able to pass a background check
Top Skills
Argocd
Crossplane
Gitlab
Kubernetes
Terraform
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
Trility Consulting® is a fast-growing business and technology consulting firm that helps mid-market to enterprise-sized companies define, design, and deliver custom solutions that solve high-consequence problems for their businesses.
Using an outcome-based delivery approach, our teams build modern solutions for clients and bring their people along the journey to ensure a reduced cost of ownership long after the engagement is done.
Our key practice areas include Software Design & Development, Cloud Engineering, DevOps Expertise, and Artificial Intelligence & Data. What is essential to helping clients achieve outcomes is our holistic and contextual approach to ensure desired outcomes are achieved.
Trility recently was recognized for a second time as an Inc. 5000 Fastest-Growing Private Company in America. Learn more at https://trility.io.
