Halvik Corp delivers a wide range of services to 13 executive agencies and 15 independent agencies. Halvik is a highly successful WOB business with more than 50 prime contracts and 500+ professionals delivering Digital Services, Advanced Analytics, Artificial Intelligence/Machine Learning, Cyber Security and Cutting-Edge Technology across the US Government. Be a part of something special!

The DevSecOps Lead is responsible for architecting, securing, and operating GitLab Enterprise pipelines within the Army's ECMA (cARMY) cloud environment. This role ensures deterministic, repeatable, and fully auditable build and deployment workflows across containerized
services, EC2-based runners, ECS-deployed applications, and Postgres-backed systems. The position is central to maintaining enterprise-grade DevSecOps readiness, enforcing compliance controls, and enabling rapid, reliable delivery of mission software.

Responsibilities:

Pipeline Architecture & Operations

• Design, implement, and maintain GitLab Enterprise CI/CD pipelines for Java/Spring Boot and
  containerized applications
• Manage EC2-based GitLab runners, autoscaling groups, and secure execution environments
• Build and maintain deployment workflows targeting Amazon ECS (Fargate or EC2 launch types)
• Implement artifact versioning, promotion workflows, and environment-specific deployment gates
• Ensure pipelines support deterministic AI-generated code integration and reproducible builds

Security, Compliance & cARMY Integration

• Ensure all pipelines comply with Army ECMA/cARMY security policies, boundary controls, and
  audit requirements
• Integrate STIG-aligned scanning, dependency checks, SAST/DAST, and container security tooling
• Maintain traceability and documentation required for ATO, RMF, and continuous monitoring
• Enforce least-privilege IAM roles, credential management, and secure secrets handling

Automated Testing & Quality Gates

• Integrate JUnit, mocking frameworks, and automated test suites into CI/CD workflows
• Ensure pipelines enforce quality gates before merge, promotion, or deployment
• Support integration testing, smoke testing, and environment validation steps

Infrastructure & Environment Management

• Manage container registries, image hardening, and secure image lifecycle
• Support ECS service deployments, task definitions, and container orchestration workflows
• Coordinate EC2, VPC, networking, IAM, and ECS cluster configurations with platform teams
• Support Postgres database provisioning, migrations, and pipeline-driven schema updates
• Maintain environment parity across dev, test, staging, and production

Cross-Team Collaboration

• Work closely with developers, integration teams, QA, cybersecurity, and platform engineering
• Provide guidance on pipeline readiness, deployment blockers, and DevSecOps best practices
• Support release readiness reviews and operational documentation

Required Qualifications:

• 10+ years experience in software development, DevOps, or platform engineering
• 5+ years hands-on experience with GitLab CI/CD in enterprise environments
• Experience operating pipelines with containers, EC2 runners, ECS deployments, and Postgres
• Strong background in secure DevSecOps practices, automated testing, and pipeline governance
• Familiarity with DoD cloud environments, preferably cARMY / ECMA
• Experience integrating SAST/DAST, dependency scanning, and container security tools- Strong understanding of microservices, container orchestration, and cloud networking

Education:

• Bachelor's degree in Computer Science, Information Systems, Software Engineering, or related
  field
• Master's degree preferred
• Ability to work effectively in a remote, distributed engineering environment

 Clearance: Active Secret security clearance required