portal resources jobs companies g gitlab senior security engineer, application security

Senior Security Engineer, Application Security 🔥


The GitLab DevOps platform [1] empowers 100,000+ organizations to deliver software faster and more efficiently. We are one of the world’s largest all-remote companies [2] with 1,600+ team members and values [3] that guide a culture where people embrace the belief that everyone can contribute.

Application Security Engineers work closely with development teams, product managers (PM), and third-party groups (including the paid bug bounty program) to ensure that GitLab products are secure.

This position reports to the Security Manager, Application Security [4] role at GitLab.

The role is a grade 7 [5].

  • Includes all Intermediate level responsibilities listed [6].
  • Support and evolve the bug bounty program.
  • Lead both critical and regular security releases.
  • Lead application security reviews and threat modeling, including code review and dynamic testing.
  • Lead in development of automated security testing to validate that secure coding best practices are being used.
  • Guide and advise product development teams as SMEs in the area of application security.
  • Assist with recruiting activities and administrative work.
  • Develop security training and socialize the material with internal development teams.
  • Participate and assist in initiatives to holistically address multiple vulnerabilities found in a functional area.
  • Includes all Intermediate level requirements listed [7].
  • Strong understanding and experience with common security libraries, security controls, and common security flaws.
  • Some development or scripting experience and skills. Ruby and Ruby on Rails is preferred.
  • Be a subject matter expert (SME) of at least 1 technical area impacting the security of the product.
  • Strong experience working closely with developers.

Candidates for this position can expect the hiring process to follow the order below. Please keep in mind that candidates can be declined from the position at any stage of the process. To learn more about someone who may be conducting the interview, find their job title on our team page [8].

  • Qualified candidates will be invited to schedule a 30 minute screening call [9] with one of our Global Recruiters.
  • Next, candidates will be invited to schedule 1 or 2 50-minute interviews with Application Security team member peers.
  • Then, candidates will be invited to schedule a 50-minute interview with the Application Security team hiring manager.
  • Finally, candidates will be invited to schedule a 30-minute interview with the Director, Security Engineering & Research.

Additional details about our process can be found on our hiring page [10].

Compensation

For Colorado residents: The base salary range for this role’s listed level is currently $124,300-$226,400 for Colorado residents only. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, and alignment with market data. See more information on our benefits [11] and equity [12]. Sales roles are also eligible for incentive pay targeted at up to 100% of the offered base salary. Disclosure as required by the Colorado Equal Pay for >Equal Work Act, C.R.S. § 8-5-101 et seq.

To view the full job description and its compensation calculator, view our handbook. The compensation calculator can be found towards the bottom of the page.

GitLab Inc. is a company based on the GitLab open-source project. GitLab is a community project to which over 2,200 people worldwide have contributed. We are an active participant in this community, trying to serve its needs and lead by example. We have one vision [13]: everyone can contribute to all digital content, and our mission is to change all creative work from read-only to read-write so that everyone can contribute.

We value [14] results, transparency, sharing, freedom, efficiency, self-learning [15], frugality, collaboration, directness, kindness, diversity, inclusion and belonging, boring solutions, and quirkiness. If these values match your personality, work ethic, and personal goals, we encourage you to visit our primer [16] to learn more. Open source is our culture, our way of life, our story, and what makes us truly unique.

Top 10 Reasons to Work for GitLab:

  1. Mission [17]: Everyone can contribute
  2. Results [18]Fast growth [19]ambitious vision [20]
  3. Flexible Work Hours [21]: Plan your day so you are there for other people & have time for personal interests
  4. Transparency [22]Over 2,000 webpages in GitLab handbook [23]GitLab Unfiltered [24] YouTube channel
  5. Iteration [25]Empower people to be effective & have an impact [26]Merge Request rate [27]We dogfood our own product [28]Directly responsible individuals [29]
  6. Diversity, Inclusion & Belonging [30]A focus on gender parity [31]Team Member Resource Groups [32]other initiatives [33]
  7. Collaboration [34]Kindness [35]saying thanks [36]intentionally organize informal communication [37]no ego [38]
  8. Total Rewards [39]Competitive market rates for compensation [40]Equity compensation [41]global benefits (inclusive of office equipment) [42]
  9. Work/Life Harmony [43]Flexible workday [44]Friends and Family days [45]
  10. Remote Done Right [46]One of the world's largest all-remote companies [47]prolific inventor of remote best practices [48]

See our culture page [49] for more!

Work remotely from anywhere in the world. Curious to see what that looks like? Check out our remote manifesto and guides [50].

 Remote-Global

Country Hiring Guidelines: GitLab hires new team members in countries around the world. All of our roles are remote, however some roles may carry specific location-based eligibility requirements. Our Talent Acquisition team can help answer any questions about location after starting the recruiting process.  

Privacy Policy: Please review our Recruitment Privacy Policy. [51] Your privacy is important to us.

GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s EEO Policy [52] and EEO is the Law [53]. If you have a disability or special need that requires accommodation [54], please let us know during the recruiting process [55].


  1. https://about.gitlab.com/solutions/devops-platform/
  2. https://about.gitlab.com/company/culture/all-remote/guide/
  3. https://about.gitlab.com/handbook/values/
  4. https://about.gitlab.com/job-families/engineering/application-security/#security-manager-application-security
  5. https://about.gitlab.com/handbook/total-rewards/compensation/compensation-calculator/#gitlab-job-grades
  6. https://about.gitlab.com/job-families/engineering/application-security/#responsibilities
  7. https://about.gitlab.com/job-families/engineering/application-security/#requirements
  8. https://about.gitlab.com/company/team/
  9. https://about.gitlab.com/handbook/hiring/interviewing/#screening-call
  10. https://about.gitlab.com/handbook/hiring/
  11. https://bit.ly/GLBeneUS
  12. https://bit.ly/GLequity
  13. https://about.gitlab.com/strategy
  14. https://about.gitlab.com/handbook/values/
  15. https://about.gitlab.com/company/culture/all-remote/self-service/#how-self-learning-leads-to-success-in-your-role
  16. https://about.gitlab.com/company/
  17. https://about.gitlab.com/company/mission/
  18. https://about.gitlab.com/handbook/values/#results
  19. https://about.gitlab.com/is-it-any-good/
  20. https://about.gitlab.com/direction/#vision
  21. https://about.gitlab.com/company/culture/all-remote/people/#those-who-value-flexibility-and-autonomy
  22. https://about.gitlab.com/handbook/values/#transparency
  23. https://about.gitlab.com/handbook/about/#count-handbook-pages
  24. https://www.youtube.com/gitlab-unfiltered
  25. https://about.gitlab.com/handbook/values/#iteration
  26. https://about.gitlab.com/handbook/values/#collaboration
  27. https://about.gitlab.com/handbook/engineering/metrics/#merge-request-rate
  28. https://about.gitlab.com/handbook/using-gitlab-at-gitlab/#introverts-of-gitlab
  29. https://about.gitlab.com/handbook/people-group/directly-responsible-individuals/
  30. https://about.gitlab.com/handbook/values/#diversity-inclusion
  31. https://about.gitlab.com/handbook/people-group/people-success-performance-indicators/#diversity---women-at-gitlab
  32. https://about.gitlab.com/company/culture/inclusion/erg-guide/#definition-of-the-tmg---team-member-groups
  33. https://about.gitlab.com/company/culture/inclusion/#what-we-are-doing-with-diversity-inclusion--belonging
  34. https://about.gitlab.com/handbook/values/#collaboration
  35. https://about.gitlab.com/handbook/values/#kindness
  36. https://about.gitlab.com/handbook/values/#say-thanks
  37. https://about.gitlab.com/company/culture/all-remote/informal-communication/
  38. https://about.gitlab.com/handbook/values/#no-ego
  39. https://about.gitlab.com/handbook/total-rewards/compensation/#gitlabs-compensation-principles
  40. https://about.gitlab.com/handbook/total-rewards/compensation/#competitive-rate
  41. https://about.gitlab.com/handbook/stock-options/
  42. https://about.gitlab.com/handbook/finance/expenses/#-office-equipment-and-supplies
  43. https://about.gitlab.com/company/culture/all-remote/people/#worklife-harmony
  44. https://about.gitlab.com/company/culture/all-remote/guide/#non-linear-workday
  45. https://about.gitlab.com/company/family-and-friends-day/
  46. https://about.gitlab.com/handbook/marketing/corporate-marketing/all-remote/
  47. https://about.gitlab.com/handbook/marketing/corporate-marketing/all-remote/#all-remote-flywheel
  48. https://about.gitlab.com/handbook/marketing/corporate-marketing/all-remote/#vision
  49. https://about.gitlab.com/company/culture/
  50. https://about.gitlab.com/company/culture/all-remote/
  51. https://about.gitlab.com/handbook/hiring/recruitment-privacy-policy/
  52. https://about.gitlab.com/handbook/people-policies/inc-usa/#equal-employment-opportunity-policy
  53. https://about.gitlab.com/handbook/labor-and-employment-notices/#eeoc-us-equal-employment-opportunity-commission-notices
  54. https://about.gitlab.com/handbook/people-policies/inc-usa/#reasonable-accommodation
  55. https://about.gitlab.com/handbook/hiring/interviewing/#adjustments-to-our-interview-process

Other jobs at GitLab

3 jobs in the last 60 days · 7 jobs in total · avg 1 - 3 jobs/mo · 11506 job visits

GitLab

Let us send you new openings similar to Senior Security Engineer, Application Security straight to your Inbox. Weekly or Daily. 7-day free trial 💌

The ability to work remotely increases employee happiness by 20 percent.