Intermediate Software Security Engineer
About The Position
GitLab is the intelligent orchestration platform for DevSecOps, enabling organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. With over 50 million registered users and trust from more than 50% of the Fortune 100, GitLab integrates AI as a core productivity multiplier, expecting all team members to incorporate it into their daily workflows. This role focuses on engineering security improvements for the GitLab product and developing/maintaining tools to detect and prevent abuse on its SaaS platforms. A strong software engineering background, particularly with large Ruby/Rails codebases, is essential. As part of the Trust and Safety team, the engineer will proactively identify abuse patterns and trends, building prevention systems to mitigate abusive users. The team maintains core abuse prevention platforms and develops customer safety mechanisms, such as Compromised Password Detection for GitLab.com. This position is an ideal fit for software engineers interested in transitioning into security engineering, as formal security engineering experience is not a prerequisite. The Trust and Safety team is a global team dedicated to keeping abusive behaviors off GitLab.com, utilizing automations, LLM-aided predictive analysis, and user behavior analysis, and collaborates closely with other Security Operations teams.
Requirements
- Strong software development skills with experience in Ruby/Rails
- Passion/desire to proactivity develop security engineering skills
- Comfortable working in an all remote environment where results and impact matter above hours worked
- Interest in “thinking like a hacker” and defending against attacks with an “automation first” mindset
- Interest in cloud native development (Google Cloud Platform (GCP) and/or AWS)
- Interest in handling trust and safety security incidents (platform abuse, cryptomining, platform spam)
Nice To Haves
- Experience working on distributed applications with large codebases and deployed in cloud environments strongly preferred
Responsibilities
- Maintain core abuse prevention systems and build new abuse detection rules to identify and prevent evolving abuse patterns such as platform abuse, cryptomining, platform spam and abuse of terms of service
- Maintain and build new capabilities in our in-house abuse platform
- Improve and expand agentic AI capabilities in our abuse mitigation tools
- Collaborate with peers to deliver safety improvements for the GitLab product
- Resolve automation gaps and create efficient, automated processes
- Create and maintain documentation such as runbooks and procedures
Benefits
- Flexible Paid Time Off
- Team Member Resource Groups
- Equity Compensation & Employee Stock Purchase Plan
- Growth and Development Fund
- Parental leave
- Home office support
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
Number of Employees
501-1,000 employees
