GitLab, 11.04.2026

Staff Backend Engineer, Software Supply Chain Security

Remote

Responsibilities

  • Define and drive the technical architecture for the SSCS Add-On, including backend systems for package policy enforcement, provenance generation, artifact signing, and malicious package detection
  • Lead design and implementation work for Supply-chain Levels for Software Artifacts (SLSA) Level 2 and Level 3 capabilities within GitLab CI/CD
  • Architect integrations with Sigstore services such as Cosign, Fulcio, and Rekor, including approaches for signing workflows, verification, and trust boundaries
  • Design backend services and request paths that support allow, deny, and quarantine package policies with strong performance and reliability expectations
  • Review merge requests with a focus on security, architectural consistency, maintainability, and test quality
  • Mentor Backend Engineers across experience levels, helping raise the technical bar through design guidance, feedback, and hiring participation
  • Partner with Product, Infrastructure, Authentication, Authorization, and Security counterparts on cross-team technical decisions
  • Contribute to relevant open source and industry conversations, including working groups related to software supply chain security where appropriate

Requirements

  • Strong experience building backend applications with Ruby on Rails in a high-scale production environment
  • Professional experience with Go for backend or infrastructure-oriented services
  • A track record of leading architecture across multiple systems and influencing technical direction through strong engineering judgment
  • Experience writing clear technical proposals, request for comments documents, and decision records in an async, documentation-first environment
  • A solid security mindset and comfort working on products where trust, risk reduction, and secure defaults are central requirements
  • Familiarity with software supply chain security concepts such as build provenance, artifact signing, dependency security, or software bill of materials
  • Strong teamwork and communication skills, with the ability to work effectively across distributed teams and functions
  • Interest in GitLab's values and in building secure, scalable product capabilities that help customers ship software with confidence

Conditions

  • Remote work
  • Asynchronous work environment
  • Flexible Paid Time Off
  • Team Member Resource Groups
  • Equity Compensation & Employee Stock Purchase Plan
  • Gro