Senior Engineering Manager, Software Supply Chain Security
Senior Engineering Manager, Software Supply Chain Security
Remote
GitLab is an open core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Our mission is to enable everyone to contribute to and co-create the software that powers our world. When everyone can contribute, consumers become contributors, significantly accelerating the rate of human progress. This mission is integral to our culture, influencing how we hire, build products, and lead our industry. We make this possible at GitLab by running our operations on our product and staying aligned with our values. Learn more about Life at GitLab.
An overview of this role
We are seeking a seasoned Senior Engineering Manager to lead and grow a high-performing software engineering team focused on enhancing software supply chain security. This role will be instrumental in building and implementing innovative solutions to protect the software development lifecycle and the underlying authentication and authorization layers from vulnerabilities and threats.
Senior Engineering Managers at GitLab see their team as their product. While they are technically credible and know the details of what engineers work on, their time is spent safeguarding their team’s health, hiring a world-class team, and putting them in the best position to succeed. They own the delivery of product commitments and are always looking to improve productivity. They must also coordinate across departments including Product, UX, and Development to accomplish collaborative goals. Engineering Leadership at GitLab is cross-discipline.
A Senior Engineering Manager manages Engineering Managers with fullstack teams (frontend, backend, and fullstack engineers), and/or Engineering Individual Contributors (typically Principal level frontend, backend, and fullstack engineers) distributed across the world.
What You’ll Do
- Build a globally-distributed, sustainable, and high-performing team through hiring, retention, and strategic organizational design.
- Identify emerging software supply chain threats in the industry and via in-house research, and adjust strategy and prioritization in a timely manner.
- Stay up-to-date with industry best practices and standards in the area of supply chain security, and grow the skills and capabilities of your teams accordingly.
- Collaborate with product management and cross-functional teams across all GitLab areas to drive software supply chain security initiatives that touch on multiple stages of the developer workflow.
- Implement industry-based metrics to guide the team’s roadmap such as Third-Party Component Risk Score (TPCRS) and Supply Chain Attack Surface (SCAS).
- Plan and execute long-term strategies that move your team and the product stage(s) toward business objectives. This includes decision-making, alignment, staffing, prioritization, leading through change, and working through ambiguity.
- Lead and drive significant results for multiple teams that have a direct impact on the broader mission they contribute to.
- Develop and execute process enhancements while strategically influencing leadership decisions across multiple organizational levels.
- Identify and resolve problems proactively, even in ambiguous situations or where negotiations are necessary, through advanced thinking, partnership, and foresight.
What You’ll Bring
- Proven experience managing engineering managers and high-performing engineering teams, with a strong focus on software security.
- Deep understanding of software development lifecycles and security best practices.
- Strong technical skills in areas such as:
- Secure coding practices
- Vulnerability scanning and analysis
- Cryptography
- Threat modeling
- Experience with security frameworks and tools (e.g., OWASP, NIST, SAST, DAST).
- Data-driven approach to improving team productivity and effectiveness.
- Strong communication, collaboration, and stakeholder management abilities.
- Experience working on open-source or enterprise-grade Software Supply Chain Security (SSCS) products, as a manager/leader.
- Demonstrated experience delivering scalable solutions, from database to frontend performance, as an individual contributor or manager.
- Ability to discuss architectural concepts and systems design, and to broker technical decisions at a high level between individual contributors.
About the team
The Software Supply Chain Security team is tasked with building a strong end-to-end software supply chain security story for GitLab users, with building compliance solutions and improving authentication and authorization as well as pipeline security across the whole GitLab product.
In this role, you’ll be leading a thirty-person team consisting of four engineering managers with six to eight reports each.
Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to assess your application.
The base salary range for this role’s listed level is currently for residents of listed locations only. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, and alignment with market data. See more information on our benefits and equity. Sales roles are also eligible for incentive pay targeted at up to 100% of the offered base salary.
$157,900 - $338,400 USD
Country Hiring Guidelines: GitLab hires new team members in countries around the world. All of our roles are remote; however, some roles may carry specific location-based eligibility requirements. Our Talent Acquisition team can help answer any questions about location after starting the recruiting process.
GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during the recruiting process.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
