gitlab
Senior Backend Engineer (RoR/Go), SSCS: Pipeline Security
At a Glance
- Location
- Remote
- Work Regime
- remote
- Posted
- 2026-03-10T20:59:34-04:00
Key Requirements
Required Skills
Domain Knowledge
- Engineering
- Supply Chain
Requirements
building and maintaining backend features with a focus on secure design, data handling, and production reliability.
to write production-quality code in
, including use of framework security patterns and review for common application risks.
concepts and the ways pipelines can be misconfigured, abused, or expose sensitive data.
with secrets management approaches and security practices for handling credentials in CI environments; experience with tools such as
or similar systems is helpful.
Responsibilities
and maintain secure, readable backend code primarily in
, with some development in
for targeted components.
backend architecture for complex security features, including secrets access control, pipeline security enforcement, and
the development of role-based access control models,
APIs, and supporting application patterns for features owned by the team.
Team
The Pipeline Security team builds features that make GitLab CI pipelines more secure and trustworthy for teams running sensitive workloads. We own key parts of pipeline security within GitLab's CI/CD experience, with our current focus on native secrets management for CI pipelines and
Supply-chain Levels for Software Artifacts (SLSA) Level 3
capabilities to strengthen software supply chain security. We work asynchronously across regions and collaborate closely with Product and security partners, using clear design discussions, documented decisions, and iterative delivery across
Ruby on Rails
and
Go