Key skills
Distributed systemsInfrastructure securityGo programmingRust programmingEnvoy proxymTLSService mesh architectureToken systemsKubernetesCI/CD practicesSoft skillsGoRustAIBIgRPCNGINXTraefikEnvoyRDSSpannerPostgresJWTGitLabGitOpsService MeshPerformance OptimizationCI/CDDecision Making
About this role
GitLab is an open-core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. As an Engineering Manager for the Auth Infrastructure team, you will lead a distributed group of engineers to build and support the core infrastructure for authentication and authorization, focusing on secure and reliable identity services at scale.
Responsibilities:
- Lead the Auth Infrastructure engineering team, setting clear direction, enabling strong execution, and supporting team health and growth
- Drive the design and implementation of GitLab’s authentication infrastructure, including Envoy proxy configuration, token services, and policy decision components
- Solve complex infrastructure challenges such as bi-directional gRPC tunnels, mTLS implementation, short-lived certificate management, and service mesh architecture
- Ensure the authentication infrastructure reliably supports all GitLab deployment models, including GitLab.com, self-managed, Dedicated, and air-gapped environments
- Lead performance optimization efforts for authentication and authorization at scale, focusing on low-latency, high-throughput decision making
- Develop and maintain robust monitoring, observability, and debugging capabilities for distributed authentication systems
- Collaborate closely with Authentication, Authorization, Platform, Infrastructure, Cells Architecture, and Runner teams to align infrastructure capabilities with their needs and ensure seamless integration
- Hire, mentor, and develop engineers, and build processes that support sustainable delivery and continuous improvement within the Auth Infrastructure team
Requirements:
- Experience leading and developing infrastructure-focused engineering teams, with a focus on distributed systems and reliability
- Proficiency with proxy and edge routing technologies such as Envoy, Traefik, HAProxy, or nginx, including design and configuration at scale
- Hands-on background in Go and/or Rust for building and operating high-performance backend or infrastructure services
- Familiarity with service mesh architectures, mTLS, and zero-trust networking concepts, including short-lived certificates and secure tunnels (for example, gRPC)
- Understanding of token and identity systems such as JWT or Macaroons, including cryptographic signing, key management, and integration with authentication flows
- Experience with database and storage technologies such as RDS, Google Spanner, Postgres, or similar, and how they support authentication workloads
- Knowledge of Kubernetes, container orchestration, and cloud-native deployment patterns, including observability, debugging, and performance optimization for distributed systems
- Experience with infrastructure automation, CI/CD, and GitOps practices, and an interest in applying transferable skills from related domains or backgrounds to authentication infrastructure work