GitLab: Staff Product Security Architect

Overview

GitLab is a pioneering open-core software company that specializes in an AI-powered DevSecOps platform. The platform supports over 100,000 organizations, emphasizing a mission that enables collective contributions to software development. By harnessing the participation of consumers, GitLab aims to revolutionize human advancement and redefine the capabilities of software development. The company fosters a culture where innovation thrives, supported by deep collaboration among industry leaders.

Role Description

The organization is currently seeking a Staff Product Security Architect to join its Security Platforms & Architecture Team. This position is pivotal as the architect will serve as a strategic security consultant to GitLab's Core DevOps organization. The selected candidate will work closely with technical leadership across various operational stages such as Plan, Create, Verify, and Package, anticipating potential security challenges and driving essential risk reduction strategies.

Key Responsibilities

The Staff Product Security Architect will take on several crucial responsibilities including:

  • Acting as the security architect and strategic partner for Core DevOps leadership, thereby developing a profound understanding of objectives, challenges, and the overall roadmap.
  • Leading security architecture and design efforts for key Core DevOps operations with clear directives and proactive guidance to workshops.
  • Identifying and reducing systemic risks highlighted in the Product Security Risk Register, particularly surrounding CI/CD pipelines, source code management, and DevOps workflows.
  • Proactively addressing upcoming security challenges by suggesting architectural solutions prior to critical implementation phases.
  • Collaborating with Application Security engineers to ensure thorough security reviews and prioritizing efforts related to Core DevOps.
  • Conducting in-depth security reviews for major strategic projects while developing and disseminating specific security standards for CI/CD practices.

The role emphasizes cultivating strong ties with technical leaders within Core DevOps to maintain visibility on initiatives and drive favorable security outcomes.

Required Skills and Experience

To excel in this role, candidates should possess the following qualifications:

  • Expertise in CI/CD pipeline security including runner isolation, secrets management, and artifact security planning to prevent supply chain attacks.
  • In-depth understanding of source code management security, covering aspects like merge request workflows and access control protocols.
  • Demonstrable experience in securing DevOps toolchains and mitigating systemic risks across continuous integration and delivery systems.
  • Proven track record in fostering trusted relationships with engineering leadership, influencing technical strategies through collaboration and expertise.
  • Historical accomplishments showcasing proactive security architecture efforts; ideally, identifying and solving issues before they escalate.

In addition to the essential qualifications, the following are considered nice-to-have skills:

  • Understanding of security in container registries and surrounding package management security.
  • Familiarity with cryptographic systems, governmental security protocols (like FedRAMP), and knowledge related to various security standards such as ISO 27001 or SOC 2.
  • Competency in quantifying risks through security metrics or Key Risk Indicators.

Salary and Benefits

The base salary range for this role varies based on geographical location, particularly in the United States, where it ranges from $140,000 to $260,000 USD. This estimate does not encompass added bonuses, equity, or benefits that will be provided. Notably, sales roles within the organization may be eligible for incentive pay targeting up to 100% of the base salary. GitLab's benefits, designed to promote health and well-being, include:

  • Flexible Paid Time Off
  • Equity Compensation & Employee Stock Purchase Plan
  • Parental leave
  • Options for home office support

Working Environment and Opportunities

GitLab champions a diverse workplace environment and encourages candidates from all backgrounds to apply, even if they do not meet every listed requirement. The company aims to support candidates with varying experience levels and to ensure equal opportunity for all applicants regardless of personal characteristics. GitLab's recruitment process is open, valuing merit above all.

With a high-performance culture that promotes knowledge-sharing and collaboration, personnel at GitLab are encouraged to reach their full potential while contributing to significant technology advancements. The organization is dedicated to establishing a cohesive team that focuses on tackling complex security dilemmas while moving at high development velocity, particularly as it continuously refines its Core DevOps architecture.



This job offer was originally published on weworkremotely.com

GitLab

Anywhere in the World

Software development

Full-time

May 2, 2026



This job offer summary has been generated using automated technology. While we strive for accuracy, it may not always fully capture the nuances and details of the original job posting. We recommend reviewing the complete job listing before making any decisions or applications.