Remote, India
Senior
Responsibilities
- Design and implement backend features for software supply chain security, including policy enforcement and artifact verification.
- Build and enhance the package policy evaluation engine for improved accuracy and performance.
- Develop artifact signing and verification workflows, integrating with the Sigstore ecosystem.
- Create user-friendly configuration interfaces for enterprise security teams.
- Integrate Add-On capabilities with GitLab's existing security policy framework.
- Collaborate with teams to incorporate malicious package intelligence into the Add-On.
- Write and maintain comprehensive test coverage to ensure code quality.
- Review merge requests with a focus on security and maintain high engineering standards.
Requirements
- Proven backend engineering experience with expertise in Ruby on Rails.
- Working knowledge of Go or willingness to learn quickly.
- Solid API design skills, including experience with REST and GraphQL.
- Strong PostgreSQL fundamentals, including schema design and query optimization.
- Experience with Redis for caching and coordination.
- A security-aware engineering mindset with sound judgment on trust boundaries.
- Familiarity with software supply chain security concepts like SLSA and SBOM.
- Interest in complex policy and platform problems related to DevSecOps.
Benefits
- Comprehensive benefits to support health, finances, and well-being.
- Flexible Paid Time Off.
- Access to Team Member Resource Groups.
- Equity compensation and employee stock purchase plan.
- Growth and development fund for professional advancement.
- Parental leave support.
- Home office support for remote work.
Tech Stack
Go, GraphQL, PostgreSQL, Redis, RSpec, Ruby on Rails
Categories
Backend, Security