Key skills
GraphQLPostgresPythonRSpecRubyRuby on RailsAILarge Language ModelsRailsPostgreSQLGitLabEvent StreamingCI/CDCommunication
About this role
Role Overview
- Implement and evolve the AI audit event pipeline, including event ingestion, schema normalization, storage design, partitioning, retention, and export capabilities.
- Implement access control for AI Governance features by integrating permissions for audit logs, policy configuration, and governance dashboards into GitLab's existing authorization model.
- Contribute backend functionality for the AI agent artifact feature, supporting structured storage and retrieval of agent run metadata alongside existing CI/CD artifacts.
- Build backend services for the MCP registry, including tool metadata and enforcement controls that can restrict or block access when needed.
- Design and optimize data models and queries for high-write, event-heavy systems using PostgreSQL and ClickHouse.
- Write and maintain solid RSpec and integration test coverage, while helping improve team test reliability practices.
- Contribute to architecture decisions and deliver implementations with ownership, while working closely with partner teams in AI and Continuous Delivery.
Requirements
- Extensive experience building backend applications with Ruby on Rails in production environments.
- Proficiency in Python and experience building backend services that support AI infrastructure, gateways, or adjacent product systems.
- Extensive experience with PostgreSQL and other data-intensive databases such as ClickHouse, including schema design, partitioning strategies, and efficient query patterns for event-heavy workloads.
- Experience building REST or GraphQL APIs and designing backend systems for reliable storage, retrieval, and governance workflows.
- Solid understanding of authorization, access control, and enterprise governance concepts in web application architectures.
- Familiarity with regulatory compliance, auditability, or enterprise governance requirements, and the ability to apply them in production systems.
- Clear written communication skills and comfort working effectively in a remote, async-first team.
- Helpful experience includes audit trails, telemetry, event streaming, SIEM integrations, webhook delivery, enterprise retention requirements, AI agent infrastructure, large language models, the Model Context Protocol (MCP), or compliance, observability, and enterprise security products.
Tech Stack
- GraphQL
- Postgres
- Python
- RSpec
- Ruby
- Ruby on Rails
Benefits
- Benefits to support your health, finances, and well-being
- Flexible Paid Time Off
- Team Member Resource Groups
- Equity Compensation & Employee Stock Purchase Plan
- Growth and Development Fund
- Parental leave
- Home office support