Job descriptionGitLab is the intelligent orchestration platform for DevSecOps. GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 50 million registered users and more than 50% of the Fortune 100* trust GitLab to ship better, more secure software faster.
The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier, with all team members expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact. GitLab is where careers accelerate, innovation flourishes, and every voice is valued. Our high-performance culture is driven by our values and continuous knowledge exchange, enabling our team members to reach their full potential while collaborating with industry leaders to solve complex problems.
Fortune 500® is a registered trademark of Fortune Media IP Limited, used under license. Claim based on GitLab data. Fortune 100 refers to the top 20% ranked companies in the 2025 Fortune 500 list, published in June 2025. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of GitLab.
An overview of this role We’re seeking an exceptional Engineering Lead to drive the evolution of GitLab’s Security Risk Management (SRM) stage into a world-class platform for vulnerability analysis and remediation at enterprise scale. This is a rare opportunity to architect and build distributed systems that will fundamentally change how large organizations approach application security and developer security workflows.
What You’ll Do Technical Leadership & Architecture
Design distributed systems architecture capable of processing vulnerability data from thousands of repositories, millions of commits, and complex dependency graphs in real-time
Drive storage system decisions for multi‑petabyte security datasets, balancing query performance, cost efficiency, and data retention requirements across time‑series, graph, and document storage paradigms
Architect scalable analysis pipelines that can ingest vulnerability feeds, correlate findings across multiple security tools, and provide actionable intelligence to both security teams and individual developers
Lead the technical evolution from monolithic security scanning to microservices‑based, event‑driven vulnerability management systems
Engineering Culture Transformation
Champion high‑performance systems thinking throughout the team, establishing patterns for horizontal scaling, efficient resource utilization, and fault‑tolerant distributed computing
Establish technical standards for system observability, chaos engineering, and performance optimization in security‑critical systems
Mentor and develop senior engineers in distributed systems design, database optimization, and large‑scale system architecture
Drive architectural decision records (ADRs) for major technical decisions, particularly around data storage, processing frameworks, and system boundaries
Product & User Experience Excellence
Own the end‑to‑end user journey (in partnership with PM) for both AppSec professionals managing enterprise‑wide risk and developers receiving actionable security feedback in their workflow
Design APIs and interfaces that abstract complexity while providing the power and flexibility that security professionals demand
Collaborate with Product Management, UX and Product Design to translate complex technical capabilities into intuitive user experiences
Establish feedback loops with large enterprise customers to ensure our technical solutions scale with their organizational complexity
Strategic Technical Execution
Evaluate and integrate cutting‑edge technologies in areas such as graph databases, stream processing, machine learning inference at scale, and distributed caching, in collaboration with GitLab’s Infrastructure, Data and AI teams
Own the technical roadmap for vulnerability correlation, risk scoring, and automated remediation workflows
Drive partnerships with other GitLab stages to ensure seamless integration across the DevSecOps platform
Lead incident response for availability and performance issues in customer‑facing security systems
What You’ll Bring Technical Expertise
10+ years of software engineering experience with 5+ years leading distributed systems at scale (>100M daily operations)
Deep expertise in designing and operating high‑throughput, low‑latency distributed systems with complex data models
Proven experience with polyglot persistence strategies, including relational databases (PostgreSQL, Cloud Spanner), time‑series databases, graph databases, and distributed key‑value stores
Strong background in stream processing frameworks (Apache Kafka, Apache Flink, or similar) and event‑driven architectures
Hands‑on experience with container orchestration (Kubernetes) and cloud‑native observability stacks
Security domain knowledge with understanding of vulnerability assessment, static analysis, dependency scanning, or application security testing
Leadership & Communication
Proven track record of leading and growing high‑performing engineering teams (40+ engineers)
Experience transforming engineering culture and establishing technical excellence standards in fast‑growing organizations
Strong technical communication skills with ability to present complex architectural decisions to executive stakeholders
Collaborative leadership style with experience working across multiple engineering teams and product stakeholders
Problem‑Solving & Innovation
Systems thinking approach to complex technical problems with demonstrated ability to make appropriate trade‑offs between performance, scalability, and maintainability
Experience with A/B testing frameworks and data‑driven decision making in technical contexts
Track record of successfully delivering large‑scale technical migrations or architectural transformations
Startup or high‑growth company experience with ability to balance technical debt with rapid feature delivery
About the team Security Risk Management sits at the heart of modern DevSecOps. The systems you build will directly impact how Fortune 500 companies protect their applications and how millions of developers integrate security into their daily workflow. You’ll have the opportunity to define the future of application security tooling while working with some of the most challenging distributed systems problems in the industry.
The Technical Challenge You’ll be solving some of the most interesting distributed systems problems in the security space:
Scale: Processing vulnerability data for organizations with 100,000+ repositories and millions of developers
Performance: Sub‑second query response times for complex security analytics across massive datasets
Reliability: 99.95%+ uptime SLAs for security‑critical workflows that can’t afford downtime
Complexity: Correlating findings across 20+ different security tools while maintaining data lineage and audit trails
User Experience: Making complex security data accessible to both security experts and developers with varying security expertise
The base salary range for this role’s listed level is currently for residents of the United States only. This range is intended to reflect the role’s base salary rate in locations throughout the U.S. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, alignment with market data, and geographic location. The base salary range does not include any bonuses, equity, or benefits. See more information on our benefits and equity. Sales roles are also eligible for incentive pay targeted at up to 100% of the offered base salary.
United States Salary Range: $194,800—$365,200 USD
How GitLab Supports Full‑Time Employees
Benefits to support your health, finances, and well‑being
Flexible Paid Time Off
Team Member Resource Groups
Equity Compensation & Employee Stock Purchase Plan
Growth and Development Fund
Parental leave
Home office support
GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. If you have a disability or special need that requires accommodation, please let us know during the recruiting process.
#J-18808-Ljbffr
