Principal Engineer, Software Supply Chain Security
GitLab
about 1 month ago
Remote, Canada +4 more
Staff+
Base Salary
$158k - $338k/yr
Responsibilities
- Lead the end-to-end software supply chain security architecture for GitLab’s CI/CD platform.
- Drive cross-team technical strategy and decisions across Software Supply Chain Security stage teams.
- Collaborate with infrastructure and CI/CD teams to design secure, scalable runner architecture.
- Propose and validate technical implementations to improve CI/CD scaling and performance.
- Teach, mentor, and coach Staff Engineers on supply chain threat modeling and security practices.
- Partner with Engineering Managers to define roadmaps and enable Staff Engineers to lead initiatives.
- Engage with customers as a technical consultant for GitLab’s software supply chain security.
- Collaborate with product, security, and compliance stakeholders to meet enterprise security expectations.
Requirements
- Deep expertise in software supply chain security and threat modeling.
- Strong knowledge of artifact signing and verification using the Sigstore ecosystem.
- Experience designing and hardening CI/CD security in large-scale environments.
- Background in distributed systems and infrastructure for resilient CI/CD platforms.
- Practical experience with container and Kubernetes security.
- Proficiency in Go or Rust in a production environment.
- Experience operating as a Principal or Staff Engineer across multiple development teams.
- Demonstrated capacity to communicate complex problems and solutions clearly.
Benefits
- Benefits to support your health, finances, and well-being.
- Flexible Paid Time Off.
- Team Member Resource Groups.
- Equity Compensation & Employee Stock Purchase Plan.
- Growth and Development Fund.
- Parental leave.
- Home office support.
Tech Stack
Go, Kubernetes, Rust
Categories
DevOps, Security