GitLab

Staff Backend Engineer, Software Supply Chain Security – Secrets Management

full-time

Location Type: Remote

Location: United States

Salary

💰 $131,600 - $282,000 per year

About the role

  • Lead the technical strategy for GitLab Secrets Manager, setting architecture direction for secure, multi-tenant secrets management at scale.
  • Own the integration between GitLab and OpenBao, including namespaces, authentication mechanisms, and policy management.
  • Collaborate with Pipeline Security, Authentication, and Platform teams to propose, review, and deliver cross-team secrets management improvements.
  • Partner with GitLab.com Infrastructure teams to ensure secrets management meets reliability, performance, and operational requirements.
  • Represent GitLab in the OpenBao open source project by contributing features upstream, participating in technical steering discussions, and maintaining strong technical credibility.
  • Mentor and advise engineers on secrets management, cryptographic systems, and secure architecture patterns, raising the quality and consistency of designs and implementations.
  • Interface with engineering managers and senior leadership to scope initiatives, clarify tradeoffs, and unblock delivery across teams.
  • Engage with customers and external stakeholders to understand real-world needs and communicate GitLab's secrets management capabilities and roadmap direction.

Requirements

  • Experience designing and operating secrets management systems (for example, HashiCorp Vault, OpenBao, or cloud-native offerings), including secure storage, access control, and audit logging.
  • Ability to lead architecture decisions for resilient, multi-tenant services that handle secrets operations at scale, including high availability and cluster management patterns.
  • Working knowledge of cryptographic and key management concepts, such as encryption in transit and at rest, key derivation, and hardware security module (HSM) or PKCS#11 integrations.
  • Experience implementing authentication and authorization integrations, such as JSON Web Token (JWT) or OpenID Connect (OIDC), mutual Transport Layer Security (mTLS), and certificate-based authentication.
  • Proficiency building product integrations in Go (within the OpenBao or Vault ecosystem) and Ruby on Rails for GitLab platform integration.
  • Experience contributing to open source projects and working effectively with distributed governance, balancing upstream needs with product requirements.
  • Demonstrated ability to operate with high autonomy, drive strategy, and serve as a trusted partner to senior leaders (including constructively challenging assumptions and tradeoffs).
  • Strong communication and collaboration skills to influence across teams and levels, including mentoring engineers and working in a fully remote, asynchronous environment.

Benefits

  • Benefits to support your health, finances, and well-being
  • Flexible Paid Time Off
  • Team Member Resource Groups
  • Equity Compensation & Employee Stock Purchase Plan
  • Growth and Development Fund
  • Parental leave
  • Home office support

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
secrets management systems, HashiCorp Vault, OpenBao, cloud-native offerings, cryptographic systems, authentication integrations, authorization integrations, Go, Ruby on Rails, high availability
Soft Skills
leadership, mentoring, communication, collaboration, autonomy, influencing, strategic thinking, problem-solving, cross-team collaboration, stakeholder engagement