Engineering Manager, Software Supply Chain Security – Pipeline Security

🕒 Dezembro 18, 2025

Candidatar-se

Encontrar Vagas Remotas Similares

Receber Emails de Vagas Remotas

📊 Verifique sua pontuação de currículo para esta vaga

Melhore suas chances de conseguir uma entrevista verificando sua pontuação de currículo antes de se candidatar.

Enviar Currículo

GitLab

SiteLinkedInTodas as Vagas

1001 - 5000 funcionários

Fundada em 2014

🤖 Inteligência Artificial

🏢 Corporativo

☁️ SaaS

💰 Secondary Market em 2020-11

Artificial Intelligence • Enterprise • SaaS

O GitLab é uma plataforma completa de DevOps, entregue como uma única aplicação, que transforma fundamentalmente a forma como os times de Desenvolvimento, Segurança e Ops colaboram e desenvolvem software. Da ideia à produção, o GitLab ajuda os times a reduzir o tempo de ciclo de semanas para minutos, diminuir os custos de desenvolvimento e o time to market, ao mesmo tempo em que aumenta a produtividade dos desenvolvedores.

Descrição

• Lead a team of engineers building Software Supply Chain Security features with a focus on CI job artifact security. • Guide the design and implementation of SLSA (Supply-chain Levels for Software Artifacts) compliance within GitLab CI/CD pipelines. • Collaborate with Product Managers to define, prioritize, and deliver the roadmap for supply chain security capabilities. • Partner with Security team members to ensure new and existing features meet GitLab’s security standards and align with best practices. • Stay current with software supply chain security standards and tools, including SLSA, SBOM, software composition analysis, and vulnerability management. Translate what you learn into actionable product improvements. • Educate and advocate for supply chain security best practices across engineering teams to drive adoption of secure patterns in CI pipelines. • Represent the Pipeline Security team in cross-functional initiatives and, when appropriate, in external industry forums focused on software supply chain security. • Drive continuous improvement in team health, delivery predictability, and documentation quality for pipeline and supply chain security features.

🎯 Requisitos

• Experience leading and developing engineering teams, with a focus on building secure, reliable product features. • Practical knowledge of software supply chain security concepts, tools, and industry standards. • Understanding of the SLSA (Supply-chain Levels for Software Artifacts) framework and how to apply it in CI/CD pipelines. • Familiarity with software artifact provenance, attestation, and verification techniques. • Knowledge of secure software development practices, including container security, software composition analysis, and vulnerability management. • Experience working with CI/CD systems and their security considerations. • Ability to collaborate effectively with product management, security, and other cross-functional partners, and to advocate for supply chain security best practices. • Openness to learning new technologies and approaches, with transferable skills from related security, infrastructure, or software engineering domains.

🏖️ Benefícios

• Benefits to support your health, finances, and well-being • Flexible Paid Time Off • Team Member Resource Groups • Equity Compensation & Employee Stock Purchase Plan • Growth and Development Fund • Parental leave • Home office support