GitLab, 11.04.2026
Staff Backend Engineer, Software Supply Chain Security
Remote
Responsibilities
- Define and drive the technical architecture for the SSCS Add-On, including backend systems for package policy enforcement, provenance generation, artifact signing, and malicious package detection
- Lead design and implementation work for Supply-chain Levels for Software Artifacts (SLSA) Level 2 and Level 3 capabilities within GitLab CI/CD
- Architect integrations with Sigstore services such as Cosign, Fulcio, and Rekor, including approaches for signing workflows, verification, and trust boundaries
- Design backend services and request paths that support allow, deny, and quarantine package policies with strong performance and reliability expectations
- Review merge requests with a focus on security, architectural consistency, maintainability, and test quality
- Mentor Backend Engineers across experience levels, helping raise the technical bar through design guidance, feedback, and hiring participation
- Partner with Product, Infrastructure, Authentication, Authorization, and Security counterparts on cross-team technical decisions
- Contribute to relevant open source and industry conversations, including working groups related to software supply chain security where appropriate
Requirements
- Strong experience building backend applications with Ruby on Rails in a high-scale production environment
- Professional experience with Go for backend or infrastructure-oriented services
- A track record of leading architecture across multiple systems and influencing technical direction through strong engineering judgment
- Experience writing clear technical proposals, request for comments documents, and decision records in an async, documentation-first environment
- A solid security mindset and comfort working on products where trust, risk reduction, and secure defaults are central requirements
- Familiarity with software supply chain security concepts such as build provenance, artifact signing, dependency security, or software bill of materials
- Strong teamwork and communication skills, with the ability to work effectively across distributed teams and functions
- Interest in GitLab's values and in building secure, scalable product capabilities that help customers ship software with confidence
Conditions
- Remote work
- Asynchronous work environment
- Flexible Paid Time Off
- Team Member Resource Groups
- Equity Compensation & Employee Stock Purchase Plan
- Gro