Intermediate Backend Engineer - Govern: Security Policies

An overview of this role

Join GitLab's Security Policies team and be at the forefront of building a more secure software development lifecycle! As a Backend Engineer you will play a crucial role in empowering organizations to define implement and manage security policies within GitLab. Initially your focus will be enhancing the quality and robustness of our current feature set. This includes reducing our test gap leading testing efforts and developing comprehensive automated test cases. By solidifying our existing foundation you'll be setting the stage for the future of Security Policies . Once our foundation is solid you'll leverage your expertise to help us introduce powerful new features that give customers greater control and visibility over their security posture. You'll collaborate closely with product manager designers and frontend engineers to deliver a seamless and impactful user experience. If you're driven to make a real difference in the world of DevSecOps we encourage you to apply!

Examples of our projects:

• Pipeline Execution Policies

• Scan Execution Policies

• Merge Request Approval Policies

• External Status Checks

What You’ll Do

• Build and enhance Security Policies features with a focus on security performance and robust testing.

• Take ownership of feature quality by executing manual test cases and driving improvements to the verification process.

• Partner with Product Management and Engineering to uphold rigorous quality standards.

• Champion continuous improvement in product quality security and performance.

• Deliver clean maintainable code adhering to best practices for high-scale web applications.

• Provide timely and constructive code reviews fostering a welcoming environment for community contributions.

• Proactively identify and address technical debt optimizing team efficiency.

• Deliver features independently while excelling in collaborative environments for larger projects.

• Contribute to on-call rotations ensuring the stability and security of GitLab operations.

What You’ll Bring

• Proven expertise in Ruby on Rails development.

• Proficiency in relational databases particularly PostgreSQL.

• Ability to articulate complex technical challenges and propose well-defined iterative solutions.

• Solid understanding of software testing principles and experience with quality assurance tasks.

• Comfort working in a highly agile intensely iterative software development process

• Effective communication skills: Regularly achieve consensus with peers provide clear and consistent status updates with a positive and solution-oriented mindset.

• Experience owning a project from concept to production including proposal discussion and execution

• Highly organized self-starter with strong self-management skills.

About the team

The Security Policies team is at the forefront of security policy management building powerful tools that empower organizations to secure their software development lifecycle. They are focused on enabling automated policy enforcement providing detailed insights into security posture and simplifying the process of managing policies across different environments. If you are passionate about building secure and reliable software this team offers a unique opportunity to impact how companies approach security.

Our technical roadmap is available here . In the future we will work on improving current policy types and implementing new ones as well as collaborate with other teams. Additional challenges we will tackle will require us to collaborate with different groups ie. from Secure and other Govern groups. Additionally we will enhance External Status Checks with additional features.

More information about our team:

• Engineering sub-department handbook page

• Product direction page

• Priorities list

• YouTube Playlist

How GitLab will support you

• Benefits to support your health finances and well-being

• All remote asynchronous work environment

• Flexible Paid Time Off

• Team Member Resource Groups

• Equity Compensation & Employee Stock Purchase Plan

• Growth and development budget

• Parental leave

• Home office support

Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role please apply and allow our recruiters to assess your application.