Key skills
CloudOpen SourceRubyRuby on RailsVaultGoRailsJWTGitLabLeadershipMentoringCommunicationCollaboration
About this role
Role Overview
- Lead the technical strategy for GitLab Secrets Manager, setting architecture direction for secure, multi-tenant secrets management at scale.
- Own the integration between GitLab and OpenBao, including namespaces, authentication mechanisms, and policy management.
- Collaborate with Pipeline Security, Authentication, and Platform teams to propose, review, and deliver cross-team secrets management improvements.
- Partner with GitLab.com Infrastructure teams to ensure secrets management meets reliability, performance, and operational requirements.
- Represent GitLab in the OpenBao open source project by contributing features upstream, participating in technical steering discussions, and maintaining strong technical credibility.
- Mentor and advise engineers on secrets management, cryptographic systems, and secure architecture patterns, raising the quality and consistency of designs and implementations.
- Interface with engineering managers and senior leadership to scope initiatives, clarify tradeoffs, and unblock delivery across teams.
- Engage with customers and external stakeholders to understand real-world needs and communicate GitLab's secrets management capabilities and roadmap direction.
Requirements
- Experience designing and operating secrets management systems (for example, HashiCorp Vault, OpenBao, or cloud-native offerings), including secure storage, access control, and audit logging.
- Ability to lead architecture decisions for resilient, multi-tenant services that handle secrets operations at scale, including high availability and cluster management patterns.
- Working knowledge of cryptographic and key management concepts, such as encryption in transit and at rest, key derivation, and hardware security module (HSM) or PKCS#11 integrations.
- Experience implementing authentication and authorization integrations, such as JSON Web Token (JWT) or OpenID Connect (OIDC), mutual Transport Layer Security (mTLS), and certificate-based authentication.
- Proficiency building product integrations in Go (within the OpenBao or Vault ecosystem) and Ruby on Rails for GitLab platform integration.
- Experience contributing to open source projects and working effectively with distributed governance, balancing upstream needs with product requirements.
- Demonstrated ability to operate with high autonomy, drive strategy, and serve as a trusted partner to senior leaders (including constructively challenging assumptions and tradeoffs).
- Strong communication and collaboration skills to influence across teams and levels, including mentoring engineers and working in a fully remote, asynchronous environment.
Tech Stack
- Cloud
- Open Source
- Ruby
- Ruby on Rails
- Vault
- Go
Benefits
- Benefits to support your health, finances, and well-being
- Flexible Paid Time Off
- Team Member Resource Groups
- Equity Compensation & Employee Stock Purchase Plan
- Growth and Development Fund
- Parental leave
- Home office support