GitLab, the intelligent orchestration platform for DevSecOps, is seeking a Senior Corporate Security Engineer to help secure the systems its team members rely on in a fully remote environment. This role focuses on building secure controls for endpoints, particularly macOS, and involves making technical decisions around endpoint hardening, automation, and detection.
Responsibilities:
- Lead the security architecture of GitLab's endpoint fleet and related infrastructure, with a primary focus on macOS
- Design and support automation for secure endpoint deployment, configuration, and lifecycle management using code-based workflows
- Manage endpoint and SaaS security configuration through Terraform, version control, merge requests, continuous integration pipelines, and automated rollouts
- Define and enforce security baselines across macOS, iOS, Windows, and Linux endpoints
- Develop patching and software distribution approaches that align with security, compliance, and operational requirements
- Partner with Information Technology, Security Operations, and Detection and Response teams to improve endpoint telemetry, detections, and response models
- Drive process improvements that reduce manual work and lower risk by favoring automation, policy-driven controls, and auditable change management
- Mentor engineers across Corporate Security and Information Technology, and serve as a senior escalation point for complex endpoint security issues
Requirements:
- Experience designing and delivering endpoint, systems, or corporate security solutions in environments that require scalable, durable controls
- Deep knowledge of endpoint management platforms such as Jamf Pro or FleetDM, especially for architecting and securing macOS environments
- Strong hands-on ability with Terraform and Infrastructure-as-Code practices, including module design, state management, and pipeline-based deployment
- Experience working with GitOps workflows where changes are managed through Git repositories, merge requests, code review, and automated pipelines
- Strong proficiency in scripting or programming for automation and security tooling, such as bash, Python, PowerShell, or Go
- Familiarity with cloud identity providers and directories, including platforms such as Okta, Google Workspace, and LDAP
- Ability to communicate clearly, collaborate across distributed teams, and work independently in an all-remote environment
- Openness to bringing transferable experience from adjacent security, systems, or platform engineering backgrounds, along with a practical and security-focused approach to problem solving