Senior Backend Engineer, SSCS: Pipeline Security

Senior Backend Engineer, SSCS: Pipeline Security

As a Senior Backend Engineer on the Pipeline Security team at GitLab, you will take charge of our native Secrets Manager, a system designed to secure sensitive credentials in GitLab CI/CD pipelines. You will work with backend engineering and infrastructure to shape our architecture using Ruby on Rails and Go.

About the Role

Your role will involve guiding the technical direction of our Secrets Manager, moving it toward general availability, and establishing patterns for the team. You will have ownership from design to production operations, helping to identify future needs and improve our feature delivery.

What You'll Do

• Build and maintain secure, readable backend code primarily in Ruby on Rails, with some development in Go.
• Design backend architecture for security features, including secrets access control and pipeline security enforcement.
• Lead the development of role-based access control models, GraphQL APIs, and supporting application patterns.
• Own features from technical design and implementation through deployment, validation, and production support.
• Collaborate with Product, security partners, and other engineering teams to document tradeoffs and align on direction.
• Improve code quality, maintainability, security, and performance through code review and design iteration.
• Build and maintain Helm charts for Kubernetes-based deployments.
• Validate features in Kubernetes environments using GitLab testing and performance testing frameworks.

What We're Looking For

• Experience building and maintaining backend features with a focus on secure design and production reliability.
• Ability to write production-quality code in Ruby on Rails, including security patterns and risk reviews.
• Working knowledge of CI/CD concepts and potential pipeline misconfigurations.
• Familiarity with secrets management approaches and security practices; experience with tools like HashiCorp Vault is helpful.
• Comfort collaborating across teams in a distributed environment and communicating technical tradeoffs clearly.
• Experience debugging production issues, especially security-related behavior.
• Openness to learning new domains and tools, including Go and container security.

Nice to Have

Experience with software supply chain security is a plus.

What We Offer

• Flexible Paid Time Off.
• Team Member Resource Groups.
• Equity Compensation & Employee Stock Purchase Plan.
• Growth and Development Fund.
• Parental leave.
• Home office support.

The salary for this role ranges from $120,000 to $170,000, depending on experience.

Additional Information

We welcome candidates with varying levels of experience. Many successful applicants do not meet every requirement. If you're excited about this role, please apply. Our recruiters will assess your application.

GitLab hires new team members globally. All roles are remote, but some may have specific location-based requirements. Our Talent Acquisition team can answer any questions about location during the recruiting process.

GitLab is proud to be an equal opportunity workplace. We do not tolerate discrimination or harassment based on any protected characteristic. If you need accommodation during the recruiting process, please let us know.