GitLab27.04.2026

Staff Infrastructure Security Engineer (APAC, EMEA, or US)

Remote

Обязанности

  • 01Set architectural patterns, reference implementations, and foundational security automation that shape how infrastructure security is implemented across GitLab
  • 02Lead infrastructure security initiatives from problem framing through delivery, scoping ambiguous multi-quarter work into executable streams with clear success criteria
  • 03Conduct and lead comprehensive security reviews and threat modeling for complex infrastructure components, identifying systemic risks and driving remediation across affected systems
  • 04Set the team's approach to AI-assisted security engineering, identifying where AI can meaningfully increase leverage and establishing patterns others can adopt
  • 05Serve as an authoritative technical voice for Infrastructure Security across our stakeholders, translating architectural tradeoffs into clear decisions for engineering teams and senior leadership
  • 06Partner on technical planning, prioritization, and roadmap development to align technical work with business objectives
  • 07Mentor and develop engineers, raising the technical bar and modeling inclusive collaboration
  • 08Fulfill the Product Security Division Mission of securing GitLab Infrastructure with our own product (dogfooding)

Требования

  • 01Expert knowledge of security for cloud infrastructure (AWS/GCP/Azure), container orchestration (Kubernetes) and related infrastructure and data security topics
  • 02Proficiency in multiple programming languages (Go, Python, Ruby) with a track record of delivering production-quality security tooling
  • 03Extensive experience with Infrastructure-as-Code security (Terraform, Ansible, CloudFormation), policy-as-code, and automated compliance
  • 04Hands-on experience applying AI to security workflows, with a point of view on where it creates meaningful leverage
  • 05Track record of leading multi-team technical initiatives from ambiguous problem statements to measurable outcomes, setting technical direction that peer teams adopt
  • 06Strong written and verbal communication skills, able to explain security tradeoffs to technical and non-technical audiences, including senior leadership
  • 07Familiarity with security certifications, frameworks, and standards (FedRAMP, ISO 27001, SOC 2, PCI-DSS)
  • 08Share our values, and work in accordance with those values

Условия

  • 01Benefits to support your health, finances, and well-being
  • 02Flexible Paid Time Off
  • 03Team Member Resource Groups
  • 04Equity Compensation & Employee Stock Purchase Plan
  • 05Growth and Development Fund
  • 06Parental Leave
  • 07All of our roles are remote