Engineering Manager, Software Supply Chain Security – Pipeline Security

🕒 December 18, 2025

GitLab

1001 - 5000 employees

Founded 2014

🤖 Artificial Intelligence

🏢 Enterprise

☁️ SaaS

💰 Secondary Market on 2020-11

GitLab is the most comprehensive AI-powered DevSecOps platform, offering tools for automated software delivery, security, and compliance throughout the software development lifecycle. It provides solutions across areas such as AI-assisted development, continuous integration/continuous deployment (CI/CD), source code management, and vulnerability management. GitLab aims to simplify and accelerate software delivery by uniting development, security, and operations on a unified platform. It is particularly recognized for its AI code assistants and has been named a leader in the Gartner Magic Quadrant™ for DevOps Platforms, making it a preferred choice for many enterprises.

📋 Description

• Lead a team of engineers building Software Supply Chain Security features with a focus on CI job artifact security.
• Guide the design and implementation of SLSA (Supply-chain Levels for Software Artifacts) compliance within GitLab CI/CD pipelines.
• Collaborate with Product Managers to define, prioritize, and deliver the roadmap for supply chain security capabilities.
• Partner with Security team members to ensure new and existing features meet GitLab’s security standards and align with best practices.
• Stay current with software supply chain security standards and tools, including SLSA, SBOM, software composition analysis, and vulnerability management. Translate what you learn into actionable product improvements.
• Educate and advocate for supply chain security best practices across engineering teams to drive adoption of secure patterns in CI pipelines.
• Represent the Pipeline Security team in cross-functional initiatives and, when appropriate, in external industry forums focused on software supply chain security.
• Drive continuous improvement in team health, delivery predictability, and documentation quality for pipeline and supply chain security features.

🎯 Requirements

• Experience leading and developing engineering teams, with a focus on building secure, reliable product features.
• Practical knowledge of software supply chain security concepts, tools, and industry standards.
• Understanding of the SLSA (Supply-chain Levels for Software Artifacts) framework and how to apply it in CI/CD pipelines.
• Familiarity with software artifact provenance, attestation, and verification techniques.
• Knowledge of secure software development practices, including container security, software composition analysis, and vulnerability management.
• Experience working with CI/CD systems and their security considerations.
• Ability to collaborate effectively with product management, security, and other cross-functional partners, and to advocate for supply chain security best practices.
• Openness to learning new technologies and approaches, with transferable skills from related security, infrastructure, or software engineering domains.

🏖️ Benefits

• Benefits to support your health, finances, and well-being
• Flexible Paid Time Off
• Team Member Resource Groups
• Equity Compensation & Employee Stock Purchase Plan
• Growth and Development Fund
• Parental leave
• Home office support
