Director of Engineering, Security Risk Management

Director of Engineering, Security Risk Management GitLab is an open-core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Our mission is to enable everyone to contribute to and co-create the software that powers our world. When everyone can contribute, consumers become contributors, significantly accelerating human progress. Our platform unites teams and organizations, breaking down barriers and redefining what's possible in software development. Thanks to products like Duo Enterprise and Duo Agent Platform, customers get AI benefits at every stage of the SDLC. The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier, with all team members expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact. GitLab is where careers accelerate, innovation flourishes, and every voice is valued. Our high-performance culture is driven by our values and continuous knowledge exchange, enabling our team members to reach their full potential while collaborating with industry leaders to solve complex problems. Co-create the future with us as we build technology that transforms how the world develops software. What You’ll Do Design distributed systems architecture capable of processing vulnerability data from thousands of repositories, millions of commits, and complex dependency graphs in real-time Drive storage system decisions for multi-petabyte security datasets, balancing query performance, cost efficiency, and data retention requirements across time-series, graph, and document storage paradigms Architect scalable analysis pipelines that can ingest vulnerability feeds, correlate findings across multiple security tools, and provide actionable intelligence to security teams and individual developers Lead the technical evolution from monolithic security scanning to microservices-based, event-driven vulnerability management systems Engineering Culture Transformation Champion high-performance systems thinking throughout the team, establishing patterns for horizontal scaling, efficient resource utilization, and fault-tolerant distributed computing Establish technical standards for system observability, chaos engineering, and performance optimization in security-critical systems Mentor and develop senior engineers in distributed systems design, database optimization, and large-scale system architecture Drive architectural decision records (ADRs) for major technical decisions, particularly around data storage, processing frameworks, and system boundaries Product & User Experience Excellence Own the end-to-end user journey (in partnership with PM) for both AppSec professionals managing enterprise-wide risk and developers receiving actionable security feedback in their workflow Design APIs and interfaces that abstract complexity while providing the power and flexibility that security professionals demand Collaborate with Product Management, UX and Product Design to translate complex technical capabilities into intuitive user experiences Establish feedback loops with large enterprise customers to ensure our technical solutions scale with their organizational complexity Strategic Technical Execution Evaluate and integrate cutting-edge technologies in areas such as graph databases, stream processing, machine learning inference at scale, and distributed caching, in collaboration with GitLab’s Infrastructure, Data and AI teams Own the technical roadmap for vulnerability correlation, risk scoring, and automated remediation workflows Drive partnerships with other GitLab stages to ensure seamless integration across the DevSecOps platform Lead incident response for availability and performance issues in customer-facing security systems What You’ll Bring Technical Expertise – 10+ years of software engineering experience with 5+ years leading distributed systems at scale (>100M daily operations); deep expertise in designing and operating high-throughput, low-latency distributed systems with complex data models; experience with polyglot persistence, including PostgreSQL, time-series, graph databases, and distributed key-value stores; strong background in stream processing frameworks (Kafka, Flink) and event-driven architectures; hands-on experience with Kubernetes and cloud-native observability; security domain knowledge with understanding of vulnerability assessment, static analysis, dependency scanning, or application security testing Leadership & Communication – Proven track record of leading and growing high-performing engineering teams; experience transforming engineering culture and establishing technical excellence standards; strong technical communication skills for executive stakeholders; collaborative leadership across multiple teams Problem-Solving & Innovation – Systems thinking for complex problems with trade-offs between performance, scalability, and maintainability; experience with A/B testing and data-driven decisions; track record of large-scale migrations or architectural transformations; startup or high-growth experience balancing technical debt with rapid feature delivery About The Team Security Risk Management sits at the heart of modern DevSecOps. The systems you build will directly impact how Fortune 500 companies protect their applications and how millions of developers integrate security into their daily workflow. You’ll have the opportunity to define the future of application security tooling while working with some of the most challenging distributed systems problems in the industry. EEO & Benefits GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. Our policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit. If you have a disability or special need that requires accommodation, please let us know during the recruiting process. We also provide salary ranges and benefits information as part of our transparency. United States Salary Range: $194,800—$365,200 USD How GitLab Will Support You: Benefits to support your health, finances, and well-being; Flexible Paid Time Off; Equity Compensation & Employee Stock Purchase Plan; Growth and Development Fund; Parental leave; Home office support. Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. If you’re excited about this role, please apply and allow our recruiters to assess your application. #J-18808-Ljbffr