Key skills
ApacheCloudDistributed SystemsKafkaKubernetesMicroservicesPostgresAIMachine LearningApache KafkaSpannerPostgreSQLGitLabCachingPerformance OptimizationLeadershipRisk ManagementProduct ManagementA/B TestingCommunicationDecision MakingCollaboration
About this role
Role Overview
- Drive the evolution of GitLab's Security Risk Management (SRM) stage into a world-class platform for vulnerability analysis and remediation at enterprise scale.
- Own the technical strategy for processing, analyzing, and remediating vulnerabilities across massive codebases and complex enterprise environments.
- Design distributed systems architecture capable of processing vulnerability data from thousands of repositories, millions of commits, and complex dependency graphs in real-time.
- Drive storage system decisions for multi-petabyte security datasets, balancing query performance, cost efficiency, and data retention requirements across time-series, graph, and document storage paradigms.
- Architect scalable analysis pipelines that can ingest vulnerability feeds, correlate findings across multiple security tools, and provide actionable intelligence to both security teams and individual developers.
- Lead the technical evolution from monolithic security scanning to microservices-based, event-driven vulnerability management systems.
- Champion high-performance systems thinking throughout the team, establishing patterns for horizontal scaling, efficient resource utilization, and fault-tolerant distributed computing.
- Establish technical standards for system observability, chaos engineering, and performance optimization in security-critical systems.
- Mentor and develop senior engineers in distributed systems design, database optimization, and large-scale system architecture.
- Drive architectural decision records (ADRs) for major technical decisions, particularly around data storage, processing frameworks, and system boundaries.
- Own the end-to-end user journey (in partnership with PM) for both AppSec professionals managing enterprise-wide risk and developers receiving actionable security feedback in their workflow.
- Design APIs and interfaces that abstract complexity while providing the power and flexibility that security professionals demand.
- Collaborate with Product Management, UX and Product Design to translate complex technical capabilities into intuitive user experiences.
- Establish feedback loops with large enterprise customers to ensure our technical solutions scale with their organizational complexity.
- Evaluate and integrate cutting-edge technologies in areas such as graph databases, stream processing, machine learning inference at scale, and distributed caching, in collaboration with GitLab’s Infrastructure, Data and AI teams.
- Own the technical roadmap for vulnerability correlation, risk scoring, and automated remediation workflows.
- Drive partnerships with other GitLab stages to ensure seamless integration across the DevSecOps platform.
- Lead incident response for availability and performance issues in customer-facing security systems.
Requirements
- 10+ years of software engineering experience with 5+ years leading distributed systems at scale (>100M daily operations)
- Deep expertise in designing and operating high-throughput, low-latency distributed systems with complex data models
- Proven experience with polyglot persistence strategies, including relational databases (PostgreSQL, Cloud Spanner), time-series databases, graph databases, and distributed key-value stores
- Strong background in stream processing frameworks (Apache Kafka, Apache Flink, or similar) and event-driven architectures
- Hands-on experience with container orchestration (Kubernetes) and cloud-native observability stacks
- Security domain knowledge with understanding of vulnerability assessment, static analysis, dependency scanning, or application security testing.
- Proven track record of leading and growing high-performing engineering teams (40+ engineers)
- Experience transforming engineering culture and establishing technical excellence standards in fast-growing organizations
- Strong technical communication skills with ability to present complex architectural decisions to executive stakeholders
- Collaborative leadership style with experience working across multiple engineering teams and product stakeholders
- Systems thinking approach to complex technical problems with demonstrated ability to make appropriate trade-offs between performance, scalability, and maintainability
- Experience with A/B testing frameworks and data-driven decision making in technical contexts
- Track record of successfully delivering large-scale technical migrations or architectural transformations
- Startup or high-growth company experience with ability to balance technical debt with rapid feature delivery.
Tech Stack
- Apache
- Cloud
- Distributed Systems
- Kafka
- Kubernetes
- Microservices
- Postgres
Benefits
- Benefits to support your health, finances, and well-being
- Flexible Paid Time Off
- Team Member Resource Groups
- Equity Compensation & Employee Stock Purchase Plan
- Growth and Development Fund
- Parental leave
- Home office support