GitLab

We are hiring for Senior Engineer (GitLab) to support our client.

Company Name: - JTSi (Johnson Technology Systems, Inc.)
Title: Senior Engineer (GitLab)
Location: Remote
If candidates are within 30 miles of the Herndon, VA office they will be asked to report to the office 1-2 a week (Can change based on business needs)
Citizenship: US
*Temp position*

DESCRIPTION OF PROJECT AND TASKS:
Description
About the Role
We are looking for a senior engineer who owns our GitLab self-managed platform end to end, not someone who has merely used GitLab, but someone who has run it. You will be the technical authority on our self-hosted GitLab environment, responsible for its availability, performance, security posture, and the CI/CD experience of every engineering team that depends on it. This is a hands-on, deep-specialist role. We are deliberately not hiring a broad DevOps generalist who lists GitLab among ten other tools. We want someone who knows the product intimately, stays current with its fast-moving release cycle, and treats the platform as a product in its own right.
You will work in a security-conscious, regulated environment, so we need someone who is comfortable making security a first-class concern in everything they build and who is willing to speak up when something isn t right.
What You ll Own
- The full lifecycle of our self-managed GitLab deployment: upgrades, backups, high availability, capacity planning, and performance tuning.
- CI/CD pipeline architecture across the organization, including reusable pipeline templates, parent/child pipelines, and integrations with our security scanners and artifact repositories.
- GitLab Runner fleet management at scale, including shared, group, and project-scoped runners running on a Kubernetes executor on EKS.
- Authentication and access control across the platform - SSO/SAML/LDAP integration and enterprise-scale group and project permission models.
- Managing platform configuration as code rather than through the UI, with Terraform as the source of truth.
Must-Have Qualifications
- GitLab self-managed administration. Direct, recent experience administering self-managed GitLab (not GitLab.com SaaS). You have personally handled upgrades, backups, high-availability configurations, runner management, and performance tuning.
- CI/CD pipeline architecture. You design and maintain reusable pipeline templates and parent/child pipeline structures, and you ve integrated pipelines with security scanners and artifact repositories. We use JFrog and Wiz; experience with these specifically is a plus.
- GitLab Runner management at scale. You understand the trade-offs between shared, group, and project-scoped runners, and you ve operated runners using the Kubernetes executor on EKS.
- Authentication and access control. You ve implemented and maintained SAML/SSO/LDAP integration and designed group and project permission models at enterprise scale.
- Infrastructure-as-code fluency. You re fluent in Terraform, ideally including the GitLab provider, and you instinctively manage configuration as code rather than clicking through the UI.
Strong Nice-to-Haves
- GitLab Geo experience, including replication and disaster-recovery scenarios.
- Container Registry and Package Registry administration.
- Migration experience such as onboarding organizations into GitLab, or executing major version upgrades on self-managed instances.
- Hands-on experience integrating GitLab with Kubernetes/EKS for runner workloads and deployment pipelines.
- Federal or regulated-industry exposure: FedRAMP, IL5, NIST 800-53, and familiarity with the ATO process.
Security Responsibilities Security is not a separate workstream in this role it s built into the platform you operate.

You will:
- Integrate and maintain security and vulnerability scanning (e.g., Wiz, SAST/DAST, dependency and container scanning) directly within CI/CD pipelines, and ensure findings are visible and actionable for engineering teams.
- Harden the GitLab platform itself: enforce least-privilege access models, manage secrets and CI/CD variables securely, and keep the environment patched and current with security releases.
- Implement and maintain supply-chain security controls, such as signed artifacts, trusted artifact repositories (JFrog), and policies that prevent untrusted dependencies from entering builds.
- Support audit, logging, and compliance requirements, and help maintain the platform s posture against frameworks such as NIST 800-53 in support of FedRAMP/IL5 and ATO obligations.
- Partner with security and compliance teams to translate control requirements into enforceable, automated platform configuration.
Who You Are
Vocal and comfortable speaking up. This is a genuine requirement, not a throwaway line. We need someone who will raise concerns early, flag risks before they become incidents, push back on shortcuts that compromise security or stability, and advocate for the right technical approach, even when it s not the easiest conversation in the room. Quiet competence isn t enough here; we need your voice. - A specialist at heart. You d rather know one critical platform deeply than know ten tools superficially.
- Current. You ve worked on self-managed GitLab within the last couple of years and keep pace with how quickly the product evolves.
- Pragmatic and security-minded, with a bias toward automation and codified, repeatable configuration over manual changes.
What We re Looking For (and What We re Not)
To be clear about the bar for this role: we re looking for an administrator and platform owner, not an end user. Candidates whose GitLab experience amounts to having used it at a previous company are not a fit. Likewise, generalists who can name many tools but can t go deep on the operation of any of them won t be the right match. Because self-managed GitLab changes quickly, we re specifically looking for people who have administered it hands-on recently. If you ve run GitLab self-managed in earnest, kept it up, kept it fast, kept it secure, and kept its users productive, we want to talk to you.

If you are available, interested, planning to make a change, or know of a friend who might have the required qualifications and interest, please call me ASAP on / If you do respond via e-mail ( ) please include a daytime phone number so I can reach you. In considering candidates, time is of the essence, so please respond ASAP with your updated resume.

Established in 2003, JTSi is a Professional IT & Engineering Services provider with years of documented experience in the Information Technology and Engineering services field. JTSi has a proven track record for successfully delivering mission critical Professional services to the Government and the industry. JTSi SAP team delivers solutions to its clients by clearly understanding their core business problems. We deliver quality services at equitable rates and focus on constant improvement in all areas of our operation, austerely complying to the customer s desire. We view our-selves more as a business partner than a mere provider of consulting services. At JTSi customer is always first and partnering is our means to customer satisfaction. We do what we say!