Senior Security Engineer

Senior Security Engineer - Enterprise AI Security Join to apply for the Senior Security Engineer - Enterprise AI Security role at GitLab GitLab is an open-core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Our mission is to enable everyone to contribute to and co-create the software that powers our world. When everyone can contribute, consumers become contributors, significantly accelerating human progress. Our platform unites teams and organizations, breaking down barriers and redefining what's possible in software development. We're looking for a Senior Security Engineer to lead security for GitLab's internal AI initiatives. You'll establish security frameworks for AI/ML systems used by our global workforce, ensuring responsible AI adoption while protecting against AI-specific threats. What You'll Do Design AI Security Architecture: Build comprehensive security frameworks for internal AI systems, including LLMs, productivity tools, and AI-powered business applications used by GitLab team members. Secure Model Context Protocol (MCP) Implementations: Monitor and secure MCP server deployments, establish authentication standards, and implement monitoring for MCP interactions across internal tools and development environments Manage Non-Human Identities: Architect identity management systems for AI agents, service accounts, and automated systems. Implement zero-trust principles and least-privilege access controls for machine-to-machine communications Govern Internal AI Tool Usage: Secure employee use of AI assistants (ChatGPT, Claude, through DLP controls, monitoring, and policy enforcement while protecting intellectual property and confidential data. Product & Product Security Collaboration: Work with our Product and Product Security teams as necessary on GitLab Duo and other internal use cases. Implement Data Protection Controls: Prevent sensitive corporate data leakage through AI systems, establish data classification frameworks, and design privacy-preserving techniques for internal AI analytics Drive Cross-Functional Collaboration: Partner with IT, Legal, Product, Product Security and business teams to enable secure AI adoption, provide security training, and evaluate new AI tools through procurement processes What You'll Bring 5+ years information security experience with 2+ years in enterprise AI/ML security Deep expertise in enterprise AI adoption, shadow IT risks, and data loss prevention Strong experience with identity and access management, particularly non-human identity governance Proven experience managing service accounts, API keys, certificates, secrets management, and automated system authentication Proficiency in cloud security (AWS, GCP, Azure) and scripting (Python, Go, Ruby, Node.js) Understanding of API security, OAuth, SAML, and modern authentication protocols Excellent communication skills for GitLab's transparent, asynchronous, and global culture Preferred Qualifications Experience with Model Context Protocol (MCP) and similar AI integration protocols Hands-on experience managing enterprise AI deployments and governance programs Knowledge of browser security, endpoint protection, and remote work security considerations Experience with Enterprise AI platforms (OpenAI, Anthropic, Google Vertex AI, AWS Bedrock, etc) Published research or contributions to enterprise AI security communities How GitLab Will Support You Benefits to support your health, finances, and well-being All remote, asynchronous work environment Flexible Paid Time Off Team Member Resource Groups Equity Compensation & Employee Stock Purchase Plan Growth and Development Fund Parental leave Home office support Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during the recruiting process. #J-18808-Ljbffr