Seeking a Senior DevSecOps Consultant to design and implement a CMMC-aligned GitLab platform. Responsibilities include deploying GitLab on Kubernetes, establishing secure configurations, and ensuring compliance with NIST and CMMC requirements.
Who We Are
At Trility Consulting®, we’ve built a strong, remote-work culture where people thrive, grow, and support each other – earning us Great Place to Work® Certification. Headquartered in Central Iowa, we embrace flexible schedules and collaboration across geographically distributed teams serving clients from all corners of the United States and globally.
We seek team members with the grit necessary to forge paths where none previously existed, to get back up when circumstances knock them down, to adapt to the changing needs of the client even when it is uncomfortable, and to deliver on our commitments. Candidates must respect and value people, recognize that over-communication is barely good enough, thrive on solving complex problems, have a passion for building teams, and know that delivering what a client actually values is more important than their own predispositions. They understand value proposition, love delivering value, and take pride in learning the expansive and ever-changing business of clients. Candidates are self-motivated and relentlessly working to become more today than they were yesterday.
What You Will Do
We are seeking a Senior DevSecOps Consultant to design and implement a CMMC-aligned GitLab platform within a regulated space/aerospace environment. This role will focus on architecting, deploying, and hardening a self-managed GitLab environment on Kubernetes using Crossplane, while establishing secure, scalable patterns that internal teams can operate long-term.
You will partner closely with the platform chief architect and engineering teams to define architecture decisions, implement secure configuration-as-code practices, and ensure the platform meets CMMC and NIST 800-171 requirements.
This is a remote 1099 position.
Key Responsibilities
- Design and implement a CMMC-aligned GitLab architecture supporting 250–500+ users
- Deploy and operate self-managed GitLab on Kubernetes using Crossplane
- Architect secure GitLab runner strategies (pooling, isolation, autoscaling) for mixed workloads
- Evaluate and document architectural approaches (single vs. segregated GitLab instances) with clear tradeoff analysis
- Translate NIST 800-171 and CMMC requirements into enforceable GitLab configurations and access controls
- Implement configuration-as-code using Terraform (e.g., GitLab provider) to ensure versioned, auditable, and repeatable platform management
- Design and implement RBAC, least-privilege models, and segregation of duties
- Establish drift detection and audit mechanisms to monitor and remediate unauthorized changes
- Integrate GitLab into the broader Kubernetes platform ecosystem, including GitOps workflows (e.g., ArgoCD)
- Produce architecture documentation, runbooks, and reference patterns to enable internal ownership and long-term sustainability
- Collaborate with cybersecurity, architecture review boards, and platform teams to validate compliance and design decisions
Qualifications
- 5+ years of experience in DevOps, Platform Engineering, or DevSecOps roles
- Hands-on experience deploying and operating self-managed GitLab in production environments
- Strong expertise with Kubernetes, including day-2 operations, networking, and observability
- Experience with Infrastructure as Code (Terraform strongly preferred)
- Experience designing and securing CI/CD pipelines and runner architectures
- Experience with Crossplane for Kubernetes-based resource provisioning
- Demonstrated experience implementing RBAC, least-privilege models, and configuration-as-code for platform services
- Experience working in regulated environments (CMMC, NIST 800-171, FedRAMP, DoD, aerospace/defense, financial services, etc.)
- Strong documentation and cross-functional communication skills
Nice to Have
- Familiarity with Cilium, Keycloak, ArgoCD, and related DevSecOps tooling
- Direct experience mapping NIST 800-171 / CMMC controls to technical implementations
- Experience supporting hybrid regulated and commercial workloads
How We Put You First
Trility’s culture is built upon the journey, character, and work ethic of our team members. We are a team of honorable and professional lifelong learners who work together to solve problems proactively.
• Work remotely anywhere in the United States with flexible work hours
• Sponsored and supported learning opportunities
Job Requirements
• Must reside within the United States
• Must be authorized to work in the United States without sponsorship now or in the future
• Must be able to pass a background check
Top Skills
Argocd
Crossplane
Gitlab
Kubernetes
Terraform
Similar Jobs
Fintech • Mobile • Software • Financial Services
This role involves assisting with the setup and processing of loans, ensuring accurate documentation, and providing support for loan operations.
Blockchain • Fintech • Payments • Financial Services • Cryptocurrency • Web3 • Infrastructure as a Service (IaaS)
The Regulatory Compliance Specialist will support compliance with card network rules, assist in handling disputes, and manage consumer complaints focusing on regulations like E, Z, and UDAAP.
Top Skills:
MastercardRegulation ERegulation ZUdaapVisa
Artificial Intelligence • Fintech • Information Technology • Logistics • Payments • Business Intelligence • Generative AI
The Events Operations Manager at Coupa handles logistical aspects of event planning, manages project timelines, oversees procurement, and supports events execution.
Top Skills:
AsanaCventRainfocusSwoogo
What you need to know about the Seattle Tech Scene
Home to tech titans like Microsoft and Amazon, Seattle punches far above its weight in innovation. But its surrounding mountains, sprinkled with world-famous hiking trails and climbing routes, make the city a destination for outdoorsy types as well. Established as a logging town before shifting to shipbuilding and logistics, the Emerald City is now known for its contributions to aerospace, software, biotech and cloud computing. And its status as a thriving tech ecosystem is attracting out-of-town companies looking to establish new tech and engineering hubs.
Key Facts About Seattle Tech
- Number of Tech Workers: 287,000; 13% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Amazon, Microsoft, Meta, Google
- Key Industries: Artificial intelligence, cloud computing, software, biotechnology, game development
- Funding Landscape: $3.1 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Madrona, Fuse, Tola, Maveron
- Research Centers and Universities: University of Washington, Seattle University, Seattle Pacific University, Allen Institute for Brain Science, Bill & Melinda Gates Foundation, Seattle Children’s Research Institute
