GitLab, founded in 2011 and based in San Francisco, California, maintains a distributed team of professionals that work remotely across multiple continents. GitLab advocates for pr
Staff Backend Engineer, Software Supply Chain Security – Secrets Management
Location
United States
Posted
94 days ago
Salary
$131.6K - $282K / year
Seniority
Lead
Job Description
Staff Backend Engineer, Software Supply Chain Security – Secrets Management
GitLab
• Lead the technical strategy for GitLab Secrets Manager, setting architecture direction for secure, multi-tenant secrets management at scale. • Own the integration between GitLab and OpenBao, including namespaces, authentication mechanisms, and policy management. • Collaborate with Pipeline Security, Authentication, and Platform teams to propose, review, and deliver cross-team secrets management improvements. • Partner with GitLab.com Infrastructure teams to ensure secrets management meets reliability, performance, and operational requirements. • Represent GitLab in the OpenBao open source project by contributing features upstream, participating in technical steering discussions, and maintaining strong technical credibility. • Mentor and advise engineers on secrets management, cryptographic systems, and secure architecture patterns, raising the quality and consistency of designs and implementations. • Interface with engineering managers and senior leadership to scope initiatives, clarify tradeoffs, and unblock delivery across teams. • Engage with customers and external stakeholders to understand real-world needs and communicate GitLab's secrets management capabilities and roadmap direction.
Job Requirements
- Experience designing and operating secrets management systems (for example, HashiCorp Vault, OpenBao, or cloud-native offerings), including secure storage, access control, and audit logging.
- Ability to lead architecture decisions for resilient, multi-tenant services that handle secrets operations at scale, including high availability and cluster management patterns.
- Working knowledge of cryptographic and key management concepts, such as encryption in transit and at rest, key derivation, and hardware security module (HSM) or PKCS#11 integrations.
- Experience implementing authentication and authorization integrations, such as JSON Web Token (JWT) or OpenID Connect (OIDC), mutual Transport Layer Security (mTLS), and certificate-based authentication.
- Proficiency building product integrations in Go (within the OpenBao or Vault ecosystem) and Ruby on Rails for GitLab platform integration.
- Experience contributing to open source projects and working effectively with distributed governance, balancing upstream needs with product requirements.
- Demonstrated ability to operate with high autonomy, drive strategy, and serve as a trusted partner to senior leaders (including constructively challenging assumptions and tradeoffs).
- Strong communication and collaboration skills to influence across teams and levels, including mentoring engineers and working in a fully remote, asynchronous environment.
Benefits
- Benefits to support your health, finances, and well-being
- Flexible Paid Time Off
- Team Member Resource Groups
- Equity Compensation & Employee Stock Purchase Plan
- Growth and Development Fund
- Parental leave
- Home office support
Related Guides
Related Job Pages
More Backend Engineer Jobs
• Development of corporate solutions and satellite systems • Troubleshooting and problem analysis • Training and mentoring teams • Execution and monitoring of maintenance routines • Responsible for ensuring delivery quality • Documentation of existing and in-development systems • Evaluation of new technologies • Creation of routines and applications required for pilots and prototypes • Oversight and validation of third-party activities • Bug fixes and improvements in existing systems
• API design (SOLID, Design Patterns, clean code) • SOA architecture (service-oriented architecture) • DevOps integration • Network and infrastructure topology • Experience in maintenance/support
Enterprise Technical Architect
UnanetUnanet is a leading provider of ERP and CRM solutions purpose-built for Government Contractors, AEC & Prof Services.
• Act as a top-tier escalation point for the most complex or high-impact customer issues. • Rearchitect solutions to ensure ongoing scalability and supportability. • Diagnose and troubleshoot deep technical problems across integrations, performance, infrastructure, or configuration. • Work directly with customers to resolve critical incidents and restore business continuity. • Partner with Engineering, Product, QA, Professional Services, and Customer Success teams to resolve bugs, influence product improvements, and advocate for customer needs.
• Develop and maintain Back-End applications in Java; • Support the definition and evolution of the solution architecture; • Build high-performance microservices and concurrent systems; • Implement integrations with messaging systems (SQS and Kafka); • Ensure code quality through unit tests and static analysis metrics (Sonar); • Work on continuous integration and delivery pipelines (Jenkins); • Collaborate with the team following versioning best practices (Git / Git-Flow).
