Beacon Biosignals is hiring an Engineering Manager to lead a team responsible for building software composition analysis capabilities for GitLab customers. You will guide engineers on security scanning, set priorities, shape product architecture, and run agile processes to help customers find and fix vulnerabilities in their application dependencies and software supply chain.
What You'll Do
- Lead engineers across the Composition Analysis team, setting clear priorities and expectations.
- Drive key security initiatives, including auto-remediation of vulnerable software packages, scanning unmanaged C/C++ dependencies, static reachability analysis, and snippet detection for open source dependencies.
- Balance priorities and resources across the Composition Analysis team to ensure sustainable delivery and high-quality outcomes.
- Author and maintain project plans for epics within the Composition Analysis team, aligning work, identifying dependencies, and ensuring quality delivery.
- Run agile project management processes for the Composition Analysis team, including planning, estimation, and continuous improvement of delivery practices.
- Provide guidance on the architecture of software composition analysis solutions, ensuring they are robust, scalable, and effective.
- Collaborate closely with the Composition Analysis team to ensure consistent, high-quality approaches to application security across GitLab's platform.
What We're Looking For
- Background leading multiple technical teams or groups, ideally in application security or cloud security.
- Practical understanding of software composition analysis, including how to assess and manage risks in application dependencies.
- Familiarity with containerization technologies, package managers, and dependency management systems.
- Experience working with or around open source security tooling (for example, Syft, Grype, Trivy, or similar tools).
- Ability to plan and run agile project management processes for the Composition Analysis team, including coordinating priorities and dependencies.
- Skill in guiding product and architecture decisions for security scanning tools, balancing technical constraints with customer needs.
Nice to Have
- Openness to candidates with transferable experience in security engineering, DevSecOps, or vulnerability management who are motivated to grow in application security leadership.
Technical Stack
- Software composition analysis
- Container scanning
- Open source security tooling (Syft, Grype, Trivy)
Team & Environment
The role leads a distributed group of security-focused engineers. The team sits within the security product area and owns core features such as software composition analysis, container scanning, and related remediation workflows.
Benefits & Compensation
- Compensation: $131,600—$282,000 USD + equity.
- Benefits to support your health, finances, and well-being.
- Flexible Paid Time Off.
- Team Member Resource Groups.
- Equity Compensation & Employee Stock Purchase Plan.
- Growth and Development Fund.
- Parental leave.
- Home office support.
Work Mode
This is a global role open to candidates in the United States.
GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status, or any other basis protected by law.
