
Staff Infrastructure Security Engineer (APAC, EMEA, or US)
GitLab is hiring a Staff Infrastructure Security Engineer to serve as a technical lead within its Infrastructure Security Team, part of the Product Security Department. You will define the technical direction for infrastructure security across SaaS platforms (GitLab Dedicated, Cells) and Self-Managed offerings, combining hands-on execution with influence across partner engineering teams. The role is fully remote, with eligibility in APAC, EMEA or the US. AI is expected to be a core part of how you work.
Responsibilities
- ▹Set architectural patterns, reference implementations and foundational security automation that shape infrastructure security across GitLab
- ▹Lead infrastructure security initiatives from problem framing through delivery, scoping ambiguous multi-quarter work into executable streams
- ▹Conduct and lead comprehensive security reviews and threat modeling for complex infrastructure components, identifying systemic risks and driving remediation
- ▹Set the team's approach to AI-assisted security engineering and establish reusable patterns
- ▹Serve as an authoritative technical voice for Infrastructure Security across stakeholders, translating tradeoffs into clear decisions
- ▹Partner on technical planning, prioritization and roadmap development to align technical work with business objectives
- ▹Mentor and develop engineers, raising the technical bar and modeling inclusive collaboration
- ▹Secure GitLab infrastructure using GitLab's own product (dogfooding)
Requirements
- ▹Expert knowledge of security for cloud infrastructure (AWS/GCP/Azure), container orchestration (Kubernetes) and related infrastructure and data security topics
- ▹Proficiency in multiple programming languages (Go, Python, Ruby) with a track record of delivering production-quality security tooling
- ▹Extensive experience with Infrastructure-as-Code security (Terraform, Ansible, CloudFormation), policy-as-code and automated compliance
- ▹Hands-on experience applying AI to security workflows, with a point of view on where it creates meaningful leverage
- ▹Track record of leading multi-team technical initiatives from ambiguous problem statements to measurable outcomes
- ▹Strong written and verbal communication skills, able to explain security tradeoffs to technical and non-technical audiences, including senior leadership
- ▹Familiarity with security certifications, frameworks and standards (FedRAMP, ISO 27001, SOC 2, PCI-DSS)
- ▹Share GitLab's values and work in accordance with them
Soft skills
What we offer
- ▹Benefits to support your health, finances and well-being
- ▹Flexible Paid Time Off
- ▹Team Member Resource Groups
- ▹Equity compensation and Employee Stock Purchase Plan
- ▹Growth and Development Fund
- ▹Parental leave
- ▹Fully remote work
About the company
GitLab is the intelligent orchestration platform for DevSecOps, trusted by more than 50 million registered users and over 50% of the Fortune 100. It embraces AI as a core productivity multiplier and operates a fully remote, high-performance, values-driven culture.