Key skills
Go programmingBackend service developmentDistributed systemsEnvoy proxy configurationProxyedge technologiesService mesh architectureMutual TLS (mTLS)Zero-trust networkinggRPCREST APIsDatabase technologiesRDSGoogle SpannerPostgresSchema designToken systemsJWTMacaroonsCryptographic signingKey managementKubernetesContainer orchestrationCloud-native deploymentMonitoringDebugging distributed systemsEffective writtenSolution-oriented mindsetOpenness to learningCollaborative mindsetGoBINGINXTraefikEnvoySpannerGitLabService MeshAgileCommunication
About this role
GitLab is the intelligent orchestration platform for DevSecOps, enabling organizations to increase developer productivity and improve operational efficiency. The Senior Backend Engineer on the Auth Infrastructure team will build critical infrastructure for authentication and authorization, focusing on secure and reliable identity services for millions of users.
Responsibilities:
- Design and implement core components of GitLab's authentication infrastructure layer, including Envoy proxy configuration, token services, and policy decision systems
- Develop solutions for critical infrastructure challenges such as bi-directional gRPC tunnels, mutual Transport Layer Security (mTLS), and service mesh architecture
- Build and maintain authentication infrastructure that supports GitLab.com, self-managed, Dedicated, and air-gapped deployment models
- Optimize the performance and reliability of authentication and authorization decisions at scale across distributed systems
- Implement and refine monitoring, observability, and debugging capabilities for authentication services to ensure secure and stable operation
- Collaborate with Authentication, Authorization, Platform, and Infrastructure teams to align infrastructure capabilities with product and architectural requirements
- Contribute to the team’s technical direction and roadmap for secure, scalable authentication, including standards for style, maintainability, and best practices
- Represent GitLab and its values through participation in public communication, broader initiatives, and contributions to relevant open source projects
Requirements:
- Strong experience building high-performance backend services in Go, ideally in large-scale, distributed environments
- Hands-on experience with proxy and edge technologies such as Envoy, Traefik, HAProxy, or nginx, including configuration and operation in production
- Practical experience with service mesh architectures, mutual TLS (mTLS), zero-trust networking, and secure service-to-service communication patterns (gRPC, REST)
- Working knowledge of database and storage technologies such as RDS, Google Spanner, Postgres or similar, including schema design and performance considerations
- Understanding of token systems (for example JWT or Macaroons), cryptographic signing, and key management for authentication and authorization workflows
- Experience with Kubernetes, container orchestration, and cloud-native deployment patterns, including observability, monitoring, and debugging of distributed systems
- Ability to own projects from concept to production, including proposing designs, driving discussions, and delivering in a highly agile, iterative environment
- Effective written and verbal communication in English, with a collaborative, solution-oriented mindset and openness to learning from and supporting team members with diverse backgrounds and transferable skills