Senior Security Engineer, Application Security - Remote

Overview

The Application Security team works with GitLab engineers and product teams to anticipate and prevent the introduction of vulnerabilities during design and development, ensuring delivery of high quality software GitLab customers can trust.

In Short

• Conduct security-focused application design and architecture reviews, threat modeling, code review, and security testing assessment.
• Propose and establish secure development practices.
• Help secure GitLab, with GitLab.
• Secure our software supply chain and improve security workflows.
• Identify and drive team maturity opportunities.

Requirements

• Bachelor's degree or equivalent in Computer Science or equivalent practical education.
• 5+ years professional experience in a computer technology field.
• Very good understanding of computer code and how to detect and remediate security defects.
• Programming experience in one or more coding languages, preferably Ruby on Rails or Go.
• Comfortable in shell scripting to automate work.
• Strong knowledge of application security concepts.
• Experience with application security practices including code review, threat modeling, and static/dynamic analysis.
• Experience performing Application Penetration Testing.
• Ability to provide subject matter expertise on software architecture design.
• Familiar with common security libraries and flaws in Ruby on Rails applications.

Benefits

• Benefits to support your health, finances, and well-being.
• All remote, asynchronous work environment.
• Flexible Paid Time Off.
• Team Member Resource Groups.
• Equity Compensation & Employee Stock Purchase Plan.
• Growth and development budget.
• Parental leave.
• Home office support.