GitLab27.04.2026
Staff Infrastructure Security Engineer (APAC, EMEA, or US)
Remote
Обязанности
- 01Set architectural patterns, reference implementations, and foundational security automation that shape how infrastructure security is implemented across GitLab
- 02Lead infrastructure security initiatives from problem framing through delivery, scoping ambiguous multi-quarter work into executable streams with clear success criteria
- 03Conduct and lead comprehensive security reviews and threat modeling for complex infrastructure components, identifying systemic risks and driving remediation across affected systems
- 04Set the team's approach to AI-assisted security engineering, identifying where AI can meaningfully increase leverage and establishing patterns others can adopt
- 05Serve as an authoritative technical voice for Infrastructure Security across our stakeholders, translating architectural tradeoffs into clear decisions for engineering teams and senior leadership
- 06Partner on technical planning, prioritization, and roadmap development to align technical work with business objectives
- 07Mentor and develop engineers, raising the technical bar and modeling inclusive collaboration
- 08Fulfill the Product Security Division Mission of securing GitLab Infrastructure with our own product (dogfooding)
Требования
- 01Expert knowledge of security for cloud infrastructure (AWS/GCP/Azure), container orchestration (Kubernetes) and related infrastructure and data security topics
- 02Proficiency in multiple programming languages (Go, Python, Ruby) with a track record of delivering production-quality security tooling
- 03Extensive experience with Infrastructure-as-Code security (Terraform, Ansible, CloudFormation), policy-as-code, and automated compliance
- 04Hands-on experience applying AI to security workflows, with a point of view on where it creates meaningful leverage
- 05Track record of leading multi-team technical initiatives from ambiguous problem statements to measurable outcomes, setting technical direction that peer teams adopt
- 06Strong written and verbal communication skills, able to explain security tradeoffs to technical and non-technical audiences, including senior leadership
- 07Familiarity with security certifications, frameworks, and standards (FedRAMP, ISO 27001, SOC 2, PCI-DSS)
- 08Share our values, and work in accordance with those values
Условия
- 01Benefits to support your health, finances, and well-being
- 02Flexible Paid Time Off
- 03Team Member Resource Groups
- 04Equity Compensation & Employee Stock Purchase Plan
- 05Growth and Development Fund
- 06Parental Leave
- 07All of our roles are remote