VP of Product Security

🕒 May 15

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

GitLab

WebsiteLinkedInAll Job Openings

1001 - 5000 employees

Founded 2014

🤖 Artificial Intelligence

🏢 Enterprise

☁️ SaaS

💰 Secondary Market on 2020-11

Artificial Intelligence • Enterprise • SaaS

GitLab is the most comprehensive AI-powered DevSecOps platform, offering tools for automated software delivery, security, and compliance throughout the software development lifecycle. It provides solutions across areas such as AI-assisted development, continuous integration/continuous deployment (CI/CD), source code management, and vulnerability management. GitLab aims to simplify and accelerate software delivery by uniting development, security, and operations on a unified platform. It is particularly recognized for its AI code assistants and has been named a leader in the Gartner Magic Quadrant™ for DevOps Platforms, making it a preferred choice for many enterprises.

📋 Description

• Set the long-term strategy and operating model for Product Security across GitLab.com, GitLab Dedicated, and self-managed offerings • Lead a global, multi-disciplinary organization spanning: • Application Security • Product Security Engineering / security tooling • Security Architecture and Platforms • Vulnerability Management • Product Security Incident Response (PSIRT) • Infrastructure, Cloud, and Data Security • Partner with the Chief Technology Officer, Chief Product Officer, Chief Information Security Officer, Vice President of AI Engineering, and other R&D leaders to embed security into product architecture, planning, and delivery • Own the roadmap for core security services and developer-facing platform capabilities, including authentication, authorization, secrets management, auditability, and security APIs • Drive secure design reviews, threat modeling, and risk-based security practices that help product teams ship securely without adding unnecessary friction • Guide GitLab's approach to AI and agentic security, including security architecture, governance decisions, and risk acceptance for new AI surfaces • Oversee vulnerability management, product security incident response, and bug bounty operations, using trends and root-cause analysis to inform durable product and process improvements • Establish clear security metrics, planning inputs, and risk visibility that support executive decision-making, customer conversations, and engineering prioritization

🎯 Requirements

• Experience operating as a senior engineering or security leader with strong product engineering credibility and ownership of security-relevant product architecture • Experience building, shipping, and operating services in a high-growth SaaS or AI environment, with a clear understanding of how fast-moving product teams work • Ability to lead multi-disciplinary organizations through Directors, Senior Managers, and senior individual contributors in a distributed, remote-first setting • Knowledge of secure design, threat modeling, web application and API security, and modern authentication and authorization patterns • Familiarity with software supply chain security, continuous integration and continuous delivery pipelines, vulnerability management, incident response, and cloud security concepts • Experience partnering closely with Product, Engineering, AI, and Security leaders to turn risk, customer needs, and technical trade-offs into practical roadmaps and decisions • Skill in written and verbal communication, including presenting technical risk and business trade-offs clearly to executives, customers, and other stakeholders • Openness to candidates with different career paths, including product engineering leaders with deep security ownership or security leaders with a strong record of building and shipping products • Nice-to-have: Experience with developer tools, DevOps/DevSecOps platforms, large-scale open-source projects, security standards and frameworks (OWASP, NIST, SLSA), bug bounty and coordinated disclosure programs, or regulated/security-sensitive customer environments (financial services, government, healthcare).

🏖️ Benefits

• Benefits to support your health, finances, and well-being • Flexible Paid Time Off • Team Member Resource Groups • Equity Compensation & Employee Stock Purchase Plan • Growth and Development Fund • Parental Leave