Own your opportunity to work alongside federal civilian agencies. Make an impact by providing services that help the government ensure the well being of U.S. citizens.
Job DescriptionContinuous Integration / Continuous Deployment (CI/CD) Subject Matter Expert
The CI/CD Subject Matter Expert (SME) is the technical authority for building and operating secure, reliable, and efficient delivery pipelines across on-prem and multi-cloud environments. In this role, the CI/CD Subject Matter Expert owns the last mile to production. You will design, implement, and operate continuous deployment practices that move changes safely and automatically from “approved” to “live”, with policy, security, and evidence built in. Your responsibilities include release orchestration, progressive delivery (blue/green, canary, feature flags), automated rollback, post-deployment verification against SLOs, and end-to-end traceability in ITSM. You’ll make deployments predictable for executives, painless for engineers, invisible to end users, and auditable for compliance. You will align day-to-day practices to federal frameworks (NIST RMF/CSF, Zero Trust/TIC 3.0, SSDF) and sustain ATO requirements through automation.
Timeline: This is a contingent posting, expected to start in August, 2026
HOW the CI/CD SME WILL MAKE AN IMPACT
You will replace legacy deployment practices with gated, observable, and reversible deployments that run without drama. By baking risk controls into the pipeline, pre-prod contract tests, change approvals as code, traffic shaping, health checks, and error-budget-aware promotion, you will cut change failure, shrink MTTR, and raise deployment frequency without increasing incidents. You’ll standardize a “paved road” to production, so teams spend their time building features, not handcrafting releases; leadership sees accurate, real-time status and rollback readiness; auditors see consistent records and evidence generated automatically with every deploy.
WHAT YOU’LL NEED TO SUCCEED:
Education: Bachelor's Degree. In lieu of a degree, an additional four years of related experience requiredExperience:10+ years in in DevOps/Platform Engineering with hands-on ownership of production deployments at enterprise scale; 3+ years in regulated or federal environments (VA/DoD/DHS/HHS or highly regulated industry).Demonstrated results improving DORA metrics (deployment frequency ↑, lead time ↓, change failure rate ≤5–10%, MTTR ↓20–40%) using progressive delivery and automated rollback.Demonstrated results improving delivery KPIs (e.g., lead time ↓30–50%, change failure rate ≤5–10%, MTTR ↓20–40%) while sustaining ATO/ConMon obligations.Proven implementation of feature-flag-driven releases, blue/green and canary strategies, and zero-downtime database changes (online migrations, backward-compatible schemas).Experience integrating deployments with ITSM (automated change models/approvals, deployment records, back-out plans) and generating audit-ready evidence for RMF/ConMon.Track record operating in multi-vendor/SIAM environments with cross-team release trains and joint incident “swarming.”Technical skills:Release Orchestration & Progressive Delivery: Deep experience with tools/patterns for blue/green, canary, and traffic shaping (e.g., gateways, service mesh, rollout controllers); automated promotion based on SLOs, synthetic checks, and real-user signals; automatic rollback on guardrail breach.Feature Management: Design of flag strategies (kill switches, dark launches, percentage rollouts), flag lifecycle hygiene, and blast-radius containment; governance to prevent “flag debt.”Policy & Security-as-Code: OPA/Conftest, Sentinel, Checkov, Cloud Custodian; required tags/encryption, CIS/STIG baselines; pre-merge and pre-deploy enforcement.Deployment Automation: GitOps/desired-state reconciliation (e.g., Argo CD/Flux) for infra and apps; immutable artifacts; environment drift detection and auto-reconcile; promotion through environment rings.Containers & Platforms: Kubernetes/OpenShift operations (admission control, image policies, mTLS/service mesh), serverless and event-driven patterns; blue/green & canary releases.Post-Deployment Verification: Telemetry-based health checks, canary analysis, error rates/latency budgets, capacity/perf gates, and automated smoke/contract tests in production-like paths.Security & Compliance in the Pipeline: Policy-as-code (tags, encryption, network controls), SSDF/supply-chain controls (SBOM, signed artifacts, provenance), secrets management, and OSCAL/RMF evidence emission per deploy.ITSM Integration: ServiceNow (or equivalent) change models, risk scoring, approvals-as-code, deployment records, and back-out plans tied to pipeline events; status page and comms hooks for RevOps.Resilience & Chaos-Safe Practices: Fault injection/chaos experiments in pre-prod, controlled in-prod experiments with guardrails; DR runbooks validated via scripted drills.Cost & Performance Awareness: Ephemeral environments, right-sized runners, cache strategies, and parallelization; collaboration with FinOps on cost per deploy and pipeline ROI.Security clearance level: Public TrustSkills and abilities:Outcome Orientation: Designs deployments to measurable targets, deployment frequency, lead time, change failure rate, MTTR, SLO burn and publishes trends transparently.Clear Communication: Explains rollout plans and risks in plain language for executives, engineers, and non-technical stakeholders; writes crisp runbooks and “go/hold/rollback” criteria.Enablement & Leadership: Coaches teams onto the paved road; runs release readiness reviews; builds a community of practice for deployment excellence.Risk Management Mindset: Uses counter-metrics (e.g., speed paired with quality) to prevent gaming; enforces “small, reversible changes” and safe-to-fail defaults.Collaboration in SIAM: Coordinates cross-vendor release trains, enforces handoff OLAs, and leads post-incident learning that becomes pipeline policy.Discipline & Governance: Maintains versioned deployment standards and exception processes; ensures OneVA TRM alignment where applicable; keeps documentation current.Preferred Certifications:AWS Certified DevOps EngineerMicrosoft Certified DevOps Engineer ExpertCertified Kubernetes Administrator / Application DeveloperDocker Certified AssociateLocation: Austin, TX – Hybrid Remote with periodic on-site meetings as required by the customerGDIT IS YOUR PLACE:
Full-flex work week to own your priorities at work and at home401K with company matchComprehensive health and wellness packagesInternal mobility team dedicated to helping you build your skills and own your careerProfessional growth opportunities including paid education and certificationsCutting-edge technology you can learn fromRest and recharge with paid vacation and 10 company-paid holidaysIf you’re passionate about making production deploys fast, safe, observable, and reversible, while meeting federal rigor and audit needs, we’d like to meet you.