Staff Product Security Architect

GitLab

20 days ago

Remote, Canada +2 more

Staff+

Base Salary

$140k - $260k/yr

Responsibilities

Serve as the dedicated security architect for Core DevOps, understanding their priorities and challenges.
Lead security architecture and design work for strategic initiatives, providing guidance to cross-functional teams.
Identify and drive reduction of systemic security risks in the Product Security Risk Register.
Anticipate security challenges and propose architectural solutions before critical implementation phases.
Coordinate with Application Security engineers for comprehensive security review coverage.
Conduct security architecture reviews for large strategic projects across various stages.
Develop and communicate security standards specific to CI/CD security.
Collaborate with the Security Research team on proactive security exploration.
Cultivate strong relationships with Core DevOps technical leadership.

Deep expertise in CI/CD pipeline security, including runner isolation and secrets management.
Strong understanding of source code management security and access control patterns.
Proven experience securing DevOps toolchains and identifying systemic risks.
Demonstrated ability to build trusted relationships with engineering leadership.
Track record of proactive security architecture work and designing preventive solutions.
Strong background in application security with expertise in various attack vectors.
Experience translating complex security concepts into actionable recommendations.
Ability to operate strategically while remaining technically hands-on.
Nice to have: Experience with container registry security and government security requirements.

GraphQL