← Back to list
Job · Principal

Staff Infrastructure Security Engineer (APAC, EMEA, or US)

Security Engineer • Principal • Remote • Full-time • 📍 Remote

GitLab is hiring a Staff Infrastructure Security Engineer to serve as a technical lead within its Infrastructure Security Team, part of the Product Security Department. You will define the technical direction for infrastructure security across SaaS platforms (GitLab Dedicated, Cells) and Self-Managed offerings, combining hands-on execution with influence across partner engineering teams. The role is fully remote, with eligibility in APAC, EMEA or the US. AI is expected to be a core part of how you work.

Responsibilities

  • Set architectural patterns, reference implementations and foundational security automation that shape infrastructure security across GitLab
  • Lead infrastructure security initiatives from problem framing through delivery, scoping ambiguous multi-quarter work into executable streams
  • Conduct and lead comprehensive security reviews and threat modeling for complex infrastructure components, identifying systemic risks and driving remediation
  • Set the team's approach to AI-assisted security engineering and establish reusable patterns
  • Serve as an authoritative technical voice for Infrastructure Security across stakeholders, translating tradeoffs into clear decisions
  • Partner on technical planning, prioritization and roadmap development to align technical work with business objectives
  • Mentor and develop engineers, raising the technical bar and modeling inclusive collaboration
  • Secure GitLab infrastructure using GitLab's own product (dogfooding)

Requirements

  • Expert knowledge of security for cloud infrastructure (AWS/GCP/Azure), container orchestration (Kubernetes) and related infrastructure and data security topics
  • Proficiency in multiple programming languages (Go, Python, Ruby) with a track record of delivering production-quality security tooling
  • Extensive experience with Infrastructure-as-Code security (Terraform, Ansible, CloudFormation), policy-as-code and automated compliance
  • Hands-on experience applying AI to security workflows, with a point of view on where it creates meaningful leverage
  • Track record of leading multi-team technical initiatives from ambiguous problem statements to measurable outcomes
  • Strong written and verbal communication skills, able to explain security tradeoffs to technical and non-technical audiences, including senior leadership
  • Familiarity with security certifications, frameworks and standards (FedRAMP, ISO 27001, SOC 2, PCI-DSS)
  • Share GitLab's values and work in accordance with them

Soft skills

Strong written and verbal communication, including with senior leadershipTechnical leadership and influence across teams without direct authorityMentoring and inclusive collaborationComfort with ambiguity and end-to-end ownership

What we offer

  • Benefits to support your health, finances and well-being
  • Flexible Paid Time Off
  • Team Member Resource Groups
  • Equity compensation and Employee Stock Purchase Plan
  • Growth and Development Fund
  • Parental leave
  • Fully remote work

About the company

GitLab is the intelligent orchestration platform for DevSecOps, trusted by more than 50 million registered users and over 50% of the Fortune 100. It embraces AI as a core productivity multiplier and operates a fully remote, high-performance, values-driven culture.

Languages: Angol (folyékony)