GitLab

Intermediate Backend Engineer, Security Risk Management: Security Policies (Ruby)

Remote

Compensation: Not Specified
Experience Level: Junior (1 to 2 years)
Job Type: Full Time
Visa: Unknown
Industries: Cybersecurity, DevSecOps, Software Development

Backend Engineer, Security Policies

Company Information

GitLab is an open-core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Our mission is to enable everyone to contribute to and co-create the software that powers our world. We embrace AI as a core productivity multiplier, encouraging team members to incorporate AI into their daily workflows.

Position Overview

Join GitLab's Security Policies team as a Backend Engineer to architect the security infrastructure protecting millions of applications worldwide. This role involves a major technical transformation: migrating from YAML-based policy storage to first-class GitLab entities. You will become a cross-platform integration expert, connecting features across the entire GitLab platform. This is an opportunity to design solutions that efficiently enforce security policies across thousands of projects for the world's largest organizations, making policies invisible to developers while providing unprecedented control to security teams.

Examples of our projects:

  • Pipeline Execution Policies - Intelligent automation for security workflows
  • Scan Execution Policies - Adaptive security scanning across diverse tech stacks
  • Merge Request Approval Policies - Sophisticated approval workflows that scale with enterprise needs
  • External Status Checks - Seamless third-party security tool integration

Responsibilities

  • Lead the architectural transformation of policy storage from YAML files to first-class GitLab entities.
  • Design and implement security policy features that enforce behaviors across thousands of projects efficiently.
  • Serve as DRI (Directly Responsible Individual) for features, taking them from initial planning through successful release with post-coverage.
  • Connect and integrate features across GitLab's platform, working with teams from Verify to Code Review.
  • Champion comprehensive testing and code quality improvements to ensure reliability at scale.
  • Collaborate with Sec Section teams and cross-functional partners to deliver seamless security automation.
  • Optimize performance and security in high-scale distributed systems.
  • Provide technical leadership by independently solving complex requirements with minimal guidance.
  • Contribute to on-call rotations, ensuring the stability and security of GitLab operations.

Requirements

  • Proven expertise in Ruby on Rails development (2-4 years experience).
  • Proficiency in SQL databases, particularly PostgreSQL.
  • Strong understanding of software testing methodologies and test-driven development practices.
  • API development and integration experience with complex systems.
  • Ability to understand and work with large, interconnected codebases and abstract complex problems.
  • Experience taking projects from concept to production independently.
  • Effective communication skills and ability to collaborate across multiple teams and time zones.
  • Security domain knowledge.

Skills

Ruby
Security Policies
Security Automation
GitLab Entities
Cross-platform Integration
Security Infrastructure Design

GitLab

Unified DevOps platform for software development

About GitLab

GitLab offers a DevOps platform that simplifies the software development process by providing a single application for collaboration, visibility, and speed. The platform integrates various tools needed for software development, which helps teams manage their projects more efficiently without juggling multiple tools. This allows companies to concentrate on enhancing their products instead of spending too much time on builds. GitLab serves a wide range of clients, including large corporations from different industries, demonstrating its versatility. The company operates on a subscription-based model, where clients pay for access to the platform, which includes features for continuous integration and deployment. GitLab also provides free trials and regularly updates its platform to deliver ongoing value to its users. By customizing its offerings and partnering with other technology providers, GitLab aims to enhance its ecosystem and drive revenue.

Headquarters: San Francisco, California
Year Founded: 2014
Total Funding: $421.8M
Company Stage: IPO
Industries: Consulting, Enterprise Software
Employees: 1,001-5,000

Benefits

Spending Company Money
Equity Compensation
Life Insurance
Financial Wellness
Paid Time Off
Growth and Development Benefit
GitLab Contribute
Business Travel Accident Policy
Immigration
Employee Assistance Program
Incentives
All-Remote
Part-time contracts
Meal Train
Fertility & Family Planning
Parental Leave

Risks

AI-powered coding assistants like Claude pose a competitive threat to GitLab's platform.
Potential sale to Datadog may lead to strategic shifts misaligned with customer expectations.
Integration of Oxeye may distract from GitLab's core DevOps offerings.

Differentiation

GitLab offers a unified DevOps platform, reducing complexity in software development.
The platform integrates tools for collaboration, visibility, and speed, enhancing development processes.
GitLab's open-source model fosters continuous innovation with a large developer community.

Upsides

Acquiring Oxeye enhances GitLab's cloud security, appealing to security-conscious enterprises.
Partnership with Ooredoo Kuwait expands GitLab's influence in the telecommunications sector.
Potential sale to Datadog could create strategic synergies and expand market reach.
