Senior Backend Engineer(Golang),Software Supply Chain Security: Auth Infrastructure

GitLab is the intelligent orchestration platform for DevSecOps, enabling organizations to increase developer productivity and improve operational efficiency. As a Senior Backend Engineer on the Auth Infrastructure team, you'll build critical authentication and authorization infrastructure for millions of users, focusing on secure and reliable identity services while collaborating with various teams.

Responsibilities:

• Design and implement core components of GitLab's authentication infrastructure layer, including Envoy proxy configuration, token services, and policy decision systems
• Develop solutions for critical infrastructure challenges such as bi-directional gRPC tunnels, mutual Transport Layer Security (mTLS), and service mesh architecture
• Build and maintain authentication infrastructure that supports GitLab.com, self-managed, Dedicated, and air-gapped deployment models
• Optimize the performance and reliability of authentication and authorization decisions at scale across distributed systems
• Implement and refine monitoring, observability, and debugging capabilities for authentication services to ensure secure and stable operation
• Collaborate with Authentication, Authorization, Platform, and Infrastructure teams to align infrastructure capabilities with product and architectural requirements
• Contribute to the team’s technical direction and roadmap for secure, scalable authentication, including standards for style, maintainability, and best practices
• Represent GitLab and its values through participation in public communication, broader initiatives, and contributions to relevant open source projects

Requirements:

• Strong experience building high-performance backend services in Go, ideally in large-scale, distributed environments
• Hands-on experience with proxy and edge technologies such as Envoy, Traefik, HAProxy, or nginx, including configuration and operation in production
• Practical experience with service mesh architectures, mutual TLS (mTLS), zero-trust networking, and secure service-to-service communication patterns (gRPC, REST)
• Working knowledge of database and storage technologies such as RDS, Google Spanner, Postgres or similar, including schema design and performance considerations
• Understanding of token systems (for example JWT or Macaroons), cryptographic signing, and key management for authentication and authorization workflows
• Experience with Kubernetes, container orchestration, and cloud-native deployment patterns, including observability, monitoring, and debugging of distributed systems
• Ability to own projects from concept to production, including proposing designs, driving discussions, and delivering in a highly agile, iterative environment
• Effective written and verbal communication in English, with a collaborative, solution-oriented mindset and openness to learning from and supporting team members with diverse backgrounds and transferable skills