Engineering Manager, Software Supply Chain Security: Pipeline Security

Job Description

• Leading a team focused on developing features for Software Supply Chain Security.
• Guiding the implementation of the SLSA compliance framework into GitLab CI/CD pipeline features.
• Collaborating with Product Managers to define and prioritize the roadmap for Supply Chain Security features.
• Staying current with industry standards and best practices in software supply chain security.
• Partnering with Security team members to ensure features meet the highest security standards.
• Educating and advocating for supply chain security best practices across GitLab.
• Representing GitLab in industry forums related to software supply chain security when appropriate.

• Experience with software supply chain security concepts and tools.
• Understanding of the SLSA framework and its application in CI/CD pipelines.
• Familiarity with software artifact provenance, attestation, and verification techniques.
• Knowledge of secure software development practices.
• Experience with CI/CD systems and their security considerations.
• Understanding of container security concepts.
• Familiarity with software composition analysis and vulnerability management.

• All remote, asynchronous work environment.
• Flexible Paid Time Off.
• Equity Compensation & Employee Stock Purchase Plan.
• Growth and Development Fund.
• Parental leave.
• Home office support.