Senior Security Engineer Application Security
@ GitLab

Hybrid
$150,000
Full Time
Posted 1 day ago

Job Details

About GitLab

GitLab is an open-core software company that develops the most comprehensive AI-powered DevSecOps Platform used by over 100,000 organizations. Our mission is to enable everyone to contribute to and co-create the software that powers our world.

Overview of the Role

The Senior Security Engineer Application Security will work as part of the Application Security team, collaborating with GitLab engineers and product teams. The aim is to anticipate and prevent vulnerabilities during design and development, ensuring delivery of trusted, high-quality software.

What You’ll Do

  • Conduct security-focused design reviews, threat modeling, code reviews, and security assessments.
  • Explore and demonstrate vulnerabilities in controlled environments.
  • Establish secure development practices and security standards.
  • Provide direct contributions to product security and incorporate customer feedback on platform features.
  • Enhance security workflows and supply chain security, and scale internal processes.

What You’ll Bring

  • Bachelor's degree or equivalent experience in Computer Science or related fields.
  • 5+ years of professional experience in IT, technical support or engineering.
  • Strong understanding of application security concepts such as OWASP Top 10, STRIDE model, CVSS scoring, and Threat Modeling.
  • Experience with code review, threat modeling, SAST, DAST and penetration testing.
  • Proficiency in programming languages like Ruby, Go and shell scripting.
  • Familiarity with security tools including Brakeman and BurpSuite, and a working knowledge of Git.

How GitLab Will Support You

  • All remote, asynchronous work environment.
  • Flexible Paid Time Off and home office support.
  • Equity Compensation and Employee Stock Purchase Plan.
  • Growth and development budget with team resource groups.

Key Skills/Competency

  • Security Analysis
  • Threat Modeling
  • Code Review
  • Penetration Testing
  • Secure Coding
  • Vulnerability Research
  • Risk Assessment
  • DevSecOps
  • Cloud Security
  • Automation

How to Get Hired at GitLab

🎯 Tips for Getting Hired

  • Customize Your Resume: Highlight security projects and relevant skills.
  • Tailor Your Cover Letter: Reflect GitLab culture and role specifics.
  • Leverage Your Network: Connect with current GitLab engineers on LinkedIn.
  • Prepare for Interviews: Review threat modeling and code review practices.

📝 Interview Preparation Advice

Technical Preparation

  • Review threat modeling frameworks and security protocols.
  • Practice code reviews and vulnerability assessments in labs.
  • Sharpen skills in Ruby, Go, and shell scripting.
  • Study application security tools like Brakeman and BurpSuite.

Behavioral Questions

  • Explain handling pressure in challenging projects.
  • Describe teamwork in solving complex vulnerabilities.
  • Discuss communication with technical and nontechnical teams.
  • Share an example of learning from failure.
