GitLab is seeking a Principal Infrastructure Security Engineer to join our Infrastructure Security Team within the Product Security Department. You will ensure GitLab's public cloud infrastructure is built with resiliency and security, collaborating across teams to shape the foundation of future SaaS platforms and drive the implementation of security capabilities.
What You'll Do
- Independently define multi-year security strategy components for cloud infrastructure, including compute, networking, storage, and orchestration platforms.
- Design and scope infrastructure security initiatives, breaking down complex problems into actionable work streams.
- Architect and drive implementation of security automation, frameworks, and tooling foundational to infrastructure operations.
- Conduct and lead comprehensive security reviews and threat modeling for complex infrastructure components.
- Drive adoption of infrastructure security standards across engineering teams through technical influence and enablement.
- Quantify and distill architectural tradeoffs into clear decisions for Engineers and Senior Leadership.
- Serve as the go-to expert for Infrastructure Security across the company, providing authoritative technical guidance.
- Mentor and develop engineers, elevating technical leadership and modeling inclusive collaboration.
- Fulfill the Product Security Division Mission of securing GitLab Infrastructure with our own product.
What We're Looking For
- Expert-level knowledge of security for cloud infrastructure (AWS, GCP, Azure), container orchestration (Kubernetes) and related infrastructure and data security topics.
- Demonstrated ability to translate complex security concepts into clear, actionable recommendations.
- Principal-level technical leadership: ability to set strategy, influence across organizations, and mentor senior engineers.
- Extensive experience designing, developing, and operating large distributed systems in a SaaS context.
- Track record of leading projects with ambiguous requirements that delivered measurable business impact.
- Demonstrated history of driving technical strategy that influenced organization-wide security posture.
- Understanding of security certifications, frameworks, and standards, like FedRAMP, ISO 27001, SOC 2, PCI-DSS, etc.
- Share our values, and work in accordance with those values.
Technical Stack
- AWS
- GCP
- Azure
- Kubernetes
Team & Environment
You will be a member of the Infrastructure Security Team within the Product Security Department.
Benefits & Compensation
- Benefits to support your health, finances, and well-being
- Flexible Paid Time Off
- Team Member Resource Groups
- Equity Compensation & Employee Stock Purchase Plan
- Growth and Development Fund
- Parental leave
- Home office support
Work Mode
This is a global position open to candidates working remotely from the APAC region, Canada, EMEA, and the US.
GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status, or any other basis protected by law.
