This position is remote based.
The Security Team at GitLab works on securing our product and on internal security. On the product side, this includes the open source version of GitLab, the enterprise editions, and the GitLab.com service. Security Engineers work with peers on cross-functional teams dedicated to areas of the product. They also work together with product managers, developers, and infrastructure teams to solve common goals.
Red Team specialists emulate adversary activity to better GitLab’s enterprise and product security. The role requires the ability to think like an advanced persistent threat. Creativity is key. For example, develop attack plans and stealthily execute them to compromise sensitive information on GitLab.com such as private repos, or develop and distribute malware to GitLabbers to demonstrate how the corporate enterprise could be compromised.
- Will dedicate all bandwidth to dogfooding and contributing directly to Secure/Defend products.
- Seek and detect vulnerabilities, develop corresponding solutions and help improve the security technology.
- Conduct code review of Ruby and Go backend code. Other languages are a plus.
- Work with static analysis/compilers.
- Write detailed technical reports.
- Assess security product output results and conduct root cause analysis to improve efficacy.
- Responds to internal and external customer inquiries on vulnerabilities and related topics.
- At least 2-3 years of direct experience as an Individual Contributor in specialty
- If offered the position, you can start within 1 month’s timeframe
- You have a passion for security and open source
- You are a team player, and enjoy collaborating with cross-functional teams
- You are a great communicator
- You employ a flexible and constructive approach when solving problems
- You share our values, and work in accordance with those values
- Please view the compensation range for this role at the bottom of the position description.