Qualifications
Required Qualifications:
Experience:
5+ years in DevOps engineering roles, with 3+ years working with GitLab CI/CD.
Proven experience managing Azure cloud resources and implementing CI/CD pipelines for cloud-based applications.
Technical Skills:
Expertise in GitLab CI/CD pipeline configuration, GitLab runners, and integrations.
Proficiency in Azure services, including virtual networks, storage accounts, and Azure Kubernetes Service (AKS).
Strong knowledge of scripting languages like PowerShell, Bash, or Python for pipeline automation.
Hands-on experience with Infrastructure as Code (IaC) tools like Terraform, ARM templates, or Bicep.
Soft Skills:
Strong analytical and problem-solving skills.
Effective communication skills to collaborate with cross-functional teams.
Ability to work independently and as part of a team in a fast-paced environment.
Desired Qualifications:
Knowledge of Azure DevOps and hybrid setups integrating Azure DevOps and GitLab CI/CD.
Experience with container orchestration platforms such as Kubernetes and Docker.
Certifications include Microsoft Certified: DevOps Engineer Expert or GitLab Certified DevOps Professional.
Familiarity with multi-cloud or hybrid cloud deployments.
Responsibilities
CI/CD Pipeline Design and Management
Design, implement, and maintain CI/CD pipelines using the GitLab CI/CD platform to support the full application build lifecycle, ensuring smooth integration and deployment of applications.
Develop and enforce best practices for source code management, branch strategies, and GitLab runner configurations.
Collaborate with development teams to identify key pipeline requirements and workflows, enabling continuous integration, automated testing, and efficient deployments.
Ensure pipelines are scalable, efficient, and capable of supporting parallel builds, automated rollbacks, and multi-environment deployments.
Azure Cloud Infrastructure Support
Manage and optimize cloud resources in Azure, including virtual machines, networking, and storage to support DevOps processes.
Implement Infrastructure as Code (IaC) using Terraform, ARM templates, or Bicep to automate the provisioning and management of Azure resources.
Collaborate with cloud architects to ensure CI/CD processes align with Azure Landing Zone (ALZ) principles.
Security and Compliance
Implement security practices within CI/CD pipelines, such as secret management, least-privilege access controls, and identity integration with Azure AD.
Implement Software Composition Analysis (SCA) & SBOM Integration: Integrate and manage continuous scanning tools (e.g., OWASP Dependency Check, Dependency-Track, CycloneDX) to automatically detect and address vulnerable open-source dependencies and maintain accurate software bill of materials (SBOMs).
Implement Static Application Security Testing (SAST): Implement SAST tools (e.g., SonarQube, Checkmarx) within the CI/CD pipeline to detect security vulnerabilities, code smells, and compliance issues early in the development lifecycle.
Implement Container Security: Integrate container image scanning tools (e.g., Trivy, Aqua Security) to identify and remediate vulnerabilities in base images, configurations, and dependencies before production deployments.
Implement Secrets Detection and Management: Automate secrets detection and management using secure vaulting solutions (e.g., HashiCorp Vault, Azure Key Vault) to prevent hard-coded secrets and unauthorized access during builds.
Automated Compliance and Policy Enforcement: Implement automated compliance checks and enforce security policies directly within GitLab CI/CD pipelines, generating actionable reports to ensure adherence to standards like NIST SP 800-53, CMMC, and OWASP.
Monitoring and Optimization
Set up and manage GitLab monitoring, logging, and performance optimization tools.
Use tools like Azure Monitor, Log Analytics, and Application Insights to monitor deployment health and optimize pipeline performance.
Continuously improve pipeline efficiency and deployment speed while minimizing downtime.
Collaboration and Support
Work closely with development, QA, and security teams to integrate their workflows into the GitLab CI/CD process.
Provide technical support for developers and teams and assist with CI/CD Pipeline Troubleshooting: Investigate and resolve CI/CD pipeline issues, including build failures, deployment errors, or security-related blockages, to minimize downtime and disruption to development teams.
Provide Incident Response and Continuous Improvement: Lead root cause analysis and post-mortem reviews for CI/CD incidents and outages, documenting lessons learned and implementing process improvements to prevent future occurrences.
Provide Cross-functional collaboration: Work closely with development, security, and operations teams to continuously enhance CI/CD workflows, addressing emerging security threats and optimizing delivery performance.
Automation and Integration
Develop and maintain automated deployment pipelines for containerized applications using Kubernetes and Azure Kubernetes Service (AKS).
Integrate GitLab CI/CD with third-party testing, monitoring, and reporting tools.
Automate routine tasks like pipeline testing, artifact creation, and environment cleanups.