GitLab is looking for a Senior Fullstack Engineer to join its Authorization team, building the critical systems that determine access across the entire platform. You'll architect and implement our next-generation Authorization infrastructure, including policy-as-code systems and fine-grained permissions, working at a massive scale that serves millions of users.
What You'll Do
- Implement fine-grained permission systems for Job Tokens, Personal Access Tokens, and other authentication mechanisms.
- Collaborate with Security, Database, and Platform teams on the new Auth stack initiative.
- Solve complex performance challenges including authorization query optimization, caching strategies, and database decomposition.
- Design authorization systems that work seamlessly across multiple deployment models and multi-tenant architectures.
- Advocate for improvements to authorization security, maintainability, and developer experience through code review and technical leadership.
- Contribute to architectural decisions for authorization features with a 12-month+ strategic view.
- Mentor team members on authorization patterns, policy languages, and secure coding practices.
What We're Looking For
- Significant professional experience with Ruby on Rails and Vue.js in production environments.
- Strong understanding of authorization concepts: RBAC (Role-Based Access Control), ABAC (Attribute-Based Access Control), and fine-grained access control patterns.
- Experience with high-scale backend systems that handle millions of requests per day.
- Deep knowledge of database optimization, particularly PostgreSQL performance tuning and query optimization.
- Understanding of security principles including threat modeling, least-privilege access, and zero-trust architectures.
- Experience with distributed systems, caching strategies, and service-to-service communication.
- Proven ability to own complex technical initiatives from design through production deployment.
- Strong collaboration skills for working across multiple engineering teams in an asynchronous, remote environment.
- Comfort working in a highly agile, iterative development process with focus on shipping value incrementally.
Nice to Have
- Familiarity with policy-based authorization systems or strong interest in learning Cedar, Rego, or similar policy languages.
Technical Stack
- Ruby on Rails
- Vue.js
- PostgreSQL
- Cedar
- Rego
Team & Environment
You will work closely with the Authentication & Product Security teams, Database team, and Security team.
Benefits & Compensation
- Compensation Range: $117,600 - $252,000 USD
- Benefits to support your health, finances, and well-being
- Flexible Paid Time Off
- Team Member Resource Groups
- Equity Compensation & Employee Stock Purchase Plan
- Growth and Development Fund
- Parental leave
- Home office support
Work Mode
This role is open to candidates in Remote, Netherlands, Remote, North America, and Remote, United Kingdom.
GitLab is proud to be an equal opportunity workplace and an affirmative action employer. All policies and practices relating to recruitment, employment, career development, advancement, promotion, and retirement are based solely on merit.
