Related skills
security, Go, Ruby on Rails, container scanning, software composition analysis
Description
- Implement complex features in dependency scanning and container scanning to increase scan coverage, accuracy, and adoption of GitLab's SCA capabilities
- Solve novel technical problems in SCA, establishing reusable patterns that reduce delivery time and improve engineering effectiveness across the team
- Guide architectural and implementation decisions in collaboration with engineering managers, product managers, and peer staff engineers to improve scalability, reliability, and delivery outcomes across the team's SCA architecture
- Contribute code, design reviews, and technical mentorship that raise quality standards, improve maintainability, and strengthen performance across the codebase
- Collaborate across GitLab's security domain to align SCA work with related efforts in vulnerability management and adjacent product areas, accelerating delivery of shared roadmap goals
- Identify and resolve technical debt, prioritizing changes that improve team velocity, code health, and long-term maintainability across the team's core SCA services
Requirements
- Hands-on experience in Software Composition Analysis and the ability to contribute to complex security features in dependency scanning and container scanning
- Deep hands-on expertise in building and evolving dependency scanning and container scanning capabilities
- Demonstrated ability to design solutions that balance complexity, performance, and maintainability
- Expertise with backend technologies, particularly Go and/or Ruby on Rails, with ability to pick up new technologies quickly
- Ability to evaluate technical tradeoffs in SCA and security tooling, with proven success delivering maintainable solutions that help customers manage software supply chain risk
- Ability to work effectively in distributed, async-first teams across multiple time zones
Benefits
- The Software Composition Analysis team is part of GitLab's Security Engineering group, focusing on dependency scanning and container scanning, with distributed members across Europe and North America
- Clear documentation and asynchronous coordination across time zones
- Equity compensation and Employee Stock Purchase Plan
- Growth and Development Fund to support learning and career advancement
- Parental leave and home office support