Senior Security Engineer Application Security @ GitLab
Hybrid
$150,000
Hybrid
Full Time
Posted 1 day ago
Job Details
About GitLab
GitLab is an open-core software company that develops the most comprehensive AI-powered DevSecOps Platform used by over 100,000 organizations. Our mission is to enable everyone to contribute to and co-create the software that powers our world.
Overview of the Role
The Senior Security Engineer Application Security will work as part of the Application Security team to collaborate with GitLab engineers and product teams. The aim is to anticipate and prevent vulnerabilities during design and development, ensuring delivery of trusted, high-quality software.
What You’ll Do
- Conduct security-focused design reviews, threat modeling, code reviews, and security assessments.
- Explore and demonstrate vulnerabilities in controlled environments.
- Establish secure development practices and security standards.
- Provide direct contributions to product security and incorporate customer feedback on platform features.
- Enhance security workflows, supply chain security and scale internal processes.
What You’ll Bring
- Bachelor's degree or equivalent experience in Computer Science or related fields.
- 5+ years of professional experience in IT, technical support or engineering.
- Strong understanding of application security concepts such as OWASP Top 10, STRIDE model, CVSS scoring, and Threat Modeling.
- Experience with code review, threat modeling, SAST, DAST and penetration testing.
- Proficiency in programming languages like Ruby, Go and shell scripting.
- Familiarity with security tools including Brakeman and BurpSuite, and a working knowledge of Git.
How GitLab Will Support You
- All remote, asynchronous work environment.
- Flexible Paid Time Off and home office support.
- Equity Compensation and Employee Stock Purchase Plan.
- Growth and development budget with team resource groups.
Key Skills/Competency
- Security Analysis
- Threat Modeling
- Code Review
- Penetration Testing
- Secure Coding
- Vulnerability Research
- Risk Assessment
- DevSecOps
- Cloud Security
- Automation
How to Get Hired at GitLab
🎯 Tips for Getting Hired
- Customize Your Resume: Highlight security projects and relevant skills.
- Tailor Your Cover Letter: Reflect GitLab culture and role specifics.
- Leverage Your Network: Connect with current GitLab engineers on LinkedIn.
- Prepare for Interviews: Review threat modeling and code review practices.
📝 Interview Preparation Advice
Technical Preparation
- Review threat modeling frameworks and security protocols.
- Practice code reviews and vulnerability assessments in labs.
- Sharpen skills in Ruby, Go, and shell scripting.
- Study application security tools like Brakeman and BurpSuite.
Behavioral Questions
- Explain handling pressure in challenging projects.
- Describe teamwork in solving complex vulnerabilities.
- Discuss communication with technical and nontechnical teams.
- Share an example of learning from failure.
Frequently Asked Questions
- What security experience does GitLab expect for a Senior Security Engineer Application Security role?
- How does GitLab integrate AI in the Senior Security Engineer Application Security role?
- What programming languages should applicants know for the GitLab security role?
- How can I learn more about GitLab's remote and inclusive culture for this role?