gitlab

Senior Backend Engineer (RoR/Go), SSCS: Pipeline Security

Apply Now

At a Glance

Location
Remote
Work Regime
remote
Posted
2026-03-10T20:59:34-04:00

Key Requirements

Required Skills

CI/CDRuby

Domain Knowledge

  • Engineering
  • Supply Chain

Requirements

building and maintaining backend features with a focus on secure design, data handling, and production reliability.

to write production-quality code in

, including use of framework security patterns and review for common application risks.

concepts and the ways pipelines can be misconfigured, abused, or expose sensitive data.

with secrets management approaches and security practices for handling credentials in CI environments; experience with tools such as

or similar systems is helpful.

Responsibilities

and maintain secure, readable backend code primarily in

, with some development in

for targeted components.

backend architecture for complex security features, including secrets access control, pipeline security enforcement, and

the development of role-based access control models,

APIs, and supporting application patterns for features owned by the team.

Team

The Pipeline Security team builds features that make GitLab CI pipelines more secure and trustworthy for teams running sensitive workloads. We own key parts of pipeline security within GitLab's CI/CD experience, with our current focus on native secrets management for CI pipelines and

Supply-chain Levels for Software Artifacts (SLSA) Level 3

capabilities to strengthen software supply chain security. We work asynchronously across regions and collaborate closely with Product and security partners, using clear design discussions, documented decisions, and iterative delivery across

Ruby on Rails

and

Go