GitLab

Engineering Manager, Software Supply Chain Security: Pipeline Security

Remote

Auto‑apply with AI Apply
Not SpecifiedCompensation
Junior (1 to 2 years)Experience Level
Full TimeJob Type
UnknownVisa
Software Development & EngineeringIndustries

Requirements

Candidates should possess experience with software supply chain security concepts and tools, an understanding of the SLSA (Supply-chain Levels for Software Artifacts) framework and its application in CI/CD pipelines, and familiarity with software artifact provenance, attestation, and vulnerability management.

Responsibilities

The Engineering Manager will lead a team focused on developing features for Software Supply Chain Security, primarily focused on CI job artifact security within the SLSA compliance framework, collaborate with Product Managers to define and prioritize the roadmap for Supply Chain Security features, stay current with industry standards and best practices in software supply chain security, partner with Security team members to ensure features meet the highest security standards, educate and advocate for supply chain security best practices across GitLab, and represent GitLab in industry forums related to software supply chain security when appropriate.

Skills

Software Supply Chain Security
CI/CD pipeline
SLSA compliance
SBOM
Vulnerability Management
Team Leadership
Product Roadmap Planning
Industry Standards

GitLab

Unified DevOps platform for software development

Website

About GitLab

GitLab offers a DevOps platform that simplifies the software development process by providing a single application for collaboration, visibility, and speed. The platform integrates various tools needed for software development, which helps teams manage their projects more efficiently without juggling multiple tools. This allows companies to concentrate on enhancing their products instead of spending too much time on builds. GitLab serves a wide range of clients, including large corporations from different industries, demonstrating its versatility. The company operates on a subscription-based model, where clients pay for access to the platform, which includes features for continuous integration and deployment. GitLab also provides free trials and regularly updates its platform to deliver ongoing value to its users. By customizing its offerings and partnering with other technology providers, GitLab aims to enhance its ecosystem and drive revenue.

Key Metrics

San Francisco, CaliforniaHeadquarters
2014Year Founded
$421.8MTotal Funding
IPOCompany Stage
Consulting, Enterprise SoftwareIndustries
1,001-5,000Employees

Benefits

Spending Company Money
Equity Compensation
Life Insurance
Financial Wellness
Paid Time Off
Growth and Development Benefit
GitLab Contribute
Business Travel Accident Policy
Immigration
Employee Assistance Program
Incentives
All-Remote
Part-time contracts
Meal Train
Fertility & Family Planning
Parental Leave

Risks

AI-powered coding assistants like Claude pose a competitive threat to GitLab's platform.
Potential sale to Datadog may lead to strategic shifts misaligned with customer expectations.
Integration of Oxeye may distract from GitLab's core DevOps offerings.

Differentiation

GitLab offers a unified DevOps platform, reducing complexity in software development.
The platform integrates tools for collaboration, visibility, and speed, enhancing development processes.
GitLab's open-source model fosters continuous innovation with a large developer community.

Upsides

Acquiring Oxeye enhances GitLab's cloud security, appealing to security-conscious enterprises.
Partnership with Ooredoo Kuwait expands GitLab's influence in the telecommunications sector.
Potential sale to Datadog could create strategic synergies and expand market reach.

Related Jobs

Canada +8 more
Remote

Software Engineer, Supply Chain Security

Docker
75,200 - 103,400 EUR/year
  • Full Time
  • Junior (1 to 2 years)
United States
Remote

Manager, Product Security

Chainguard
Salary not specified
  • Full Time
  • Mid-level (3 to 4 years), Senior (5 to 8 years)
Remote +2 more
Remote

Product Security Engineer

Clerk
Salary not specified
  • Full Time
  • Internship
United States
Remote

Senior Security Engineer, Application & Cloud

Rad AI
150,000 - 180,000 USD/year
  • Full Time
  • Senior (5 to 8 years)
United States +4 more
Remote

Security Engineer, Product Security

Chainlink Labs
Salary not specified
  • Full Time
  • Mid-level (3 to 4 years), Senior (5 to 8 years)
United States
Remote

Security Engineer, DevSecOps

Aerospike
Salary not specified
  • Full Time
  • Junior (1 to 2 years)
United States
Remote

Senior Manager, Security Operations

Tines
Salary not specified
  • Full Time
  • Senior (5 to 8 years)
San Mateo +6 more
Remote

Senior Product Security Engineer

Goodleap
60,000 - 90,000 USD/year
  • Full Time
  • Senior (5 to 8 years), Mid-level (3 to 4 years)
Columbus +4 more
Remote

Senior Application Security Engineer

Loop
Salary not specified
  • Full Time
  • Senior (5 to 8 years)
United States
Remote

Senior Security Engineer

EnergyHub
Salary not specified
  • Full Time
  • Senior (5 to 8 years)

Land your dream remote job 3x faster with AI

Try Jobo Free