Senior Security Engineer Application Security
@ GitLab

Hybrid

$150,000

Hybrid

Full Time

Posted 23 days ago

Your Application Journey

Interview

Email Hiring Manager

XXXXXXXXX XXXXXXXXXXXXX XXXXXXXXX****** @gitlab.com

Recommended after applying

Job Details

About GitLab

GitLab is an open-core software company that develops the most comprehensive AI-powered DevSecOps Platform used by over 100,000 organizations. Our mission is to enable everyone to contribute to and co-create the software that powers our world.

Overview of the Role

The Senior Security Engineer Application Security will work as part of the Application Security team to collaborate with GitLab engineers and product teams. The aim is to anticipate and prevent vulnerabilities during design and development ensuring delivery of trusted, high-quality software.

What You’ll Do

Conduct security-focused design reviews, threat modeling, code reviews, and security assessments.
Explore and demonstrate vulnerabilities in controlled environments.
Establish secure development practices and security standards.
Provide direct contributions to product security and incorporate customer feedback on platform features.
Enhance security workflows, supply chain security and scale internal processes.

What You’ll Bring

Bachelor's degree or equivalent experience in Computer Science or related fields.
5+ years of professional experience in IT, technical support or engineering.
Strong understanding of application security concepts such as OWASP Top 10, STRIDE model, CVSS scoring, and Threat Modeling.
Experience with code review, threat modeling, SAST, DAST and penetration testing.
Proficiency in programming languages like Ruby, Go and shell scripting.
Familiarity with security tools including Brakeman and BurpSuite, and a working knowledge of Git.

How GitLab Will Support You

All remote, asynchronous work environment.
Flexible Paid Time Off and home office support.
Equity Compensation and Employee Stock Purchase Plan.
Growth and development budget with team resource groups.

Key Skills/Competency

Security Analysis
Threat Modeling
Code Review
Penetration Testing
Secure Coding
Vulnerability Research
Risk Assessment
DevSecOps
Cloud Security
Automation

Apply without a personalized resume

How to Get Hired at GitLab

🎯 Tips for Getting Hired

Customize Your Resume: Highlight security projects and relevant skills.
Tailor Your Cover Letter: Reflect GitLab culture and role specifics.
Leverage Your Network: Connect with current GitLab engineers on LinkedIn.
Prepare for Interviews: Review threat modeling and code review practices.

📝 Interview Preparation Advice

Technical Preparation

Review threat modeling frameworks and security protocols.

Practice code reviews and vulnerability assessments in labs.

Sharpen skills in Ruby, Go, and shell scripting.

Study application security tools like Brakeman and BurpSuite.

Behavioral Questions

Explain handling pressure in challenging projects.

Describe teamwork in solving complex vulnerabilities.

Discuss communication with technical and nontechnical teams.

Share an example of learning from failure.

Ready to optimize your application for GitLab?

Our Al will adapt your resume for GitLab's hiring patterns and similar Senior Security Engineer Application Security roles.

Frequently Asked Questions

What security experience does GitLab expect for a Senior Security Engineer Application Security role?

How does GitLab integrate AI in the Senior Security Engineer Application Security role?

What programming languages should applicants know for the GitLab security role?

How can I learn more about GitLab's remote and inclusive culture for this role?