Engineering Manager, SSCS: Supply Chain
WFA Digital Insight
The demand for skilled engineering managers in software supply chain security has grown significantly, with the global market expected to expand by 25% in the next two years. As companies like GitLab invest heavily in DevSecOps, the need for experts who can develop and lead high-performing teams has never been more pressing. With over 50 million registered users, GitLab is a leader in the industry, and this role offers a unique chance to work on critical security features. Before applying, candidates should be aware of the importance of technical credibility, team development, and predictable execution in this role.
Job Description
About the Role
As an Engineering Manager at GitLab, you will be responsible for guiding the dedicated Software Supply Chain Security (SSCS) Add-On engineering team. This team is tasked with developing core capabilities such as Dependency Firewall, Build Provenance, Malicious Packages detection, and Artifact Signing. Your primary focus will be on developing the team, creating a healthy operating rhythm, and establishing predictable execution for the SSCS SKU.
The SSCS Add-On is a critical component of GitLab's DevSecOps platform, and the team's work will have a direct impact on the company's ability to deliver software supply chain security features to its customers. You will work closely with the Staff Backend Engineer, Product Manager, and SSCS stage management to turn a defined roadmap into steady, high-quality delivery for enterprise customers with strict security and compliance needs.
GitLab is a high-performance culture driven by its values and continuous knowledge exchange, enabling team members to reach their full potential while collaborating with industry leaders to solve complex problems. As an Engineering Manager, you will be expected to embody these values and create an environment that fosters growth, innovation, and teamwork.
What You Will Do
- Guide a backend engineering team building the SSCS Add-On across dependency enforcement, build provenance, malicious package detection, and artifact signing.
- Drive engineering delivery for general availability milestones by aligning sequencing, scope, and dependencies with the Staff Backend Engineer and Product Manager.
- Develop the team by partnering with Talent Acquisition on sourcing, interview design, candidate evaluation, and hiring decisions.
- Run regular 1:1s, performance reviews, and career development conversations that enable growth and clear expectations.
- Advance engineering quality by monitoring cycle time, defect rates, and test coverage, and by addressing risks early.
- Coordinate quarterly planning and roadmap tradeoff discussions with SSCS stage leadership and Product.
- Work with cross-functional teams to ensure the successful delivery of the SSCS Add-On.
- Develop and maintain a deep understanding of the technical capabilities and limitations of the SSCS Add-On.
- Identify and mitigate technical risks that could impact the delivery of the SSCS Add-On.
What We Are Looking For
- 5+ years of experience in software development, with a focus on backend engineering.
- 2+ years of experience in a technical leadership role, such as Engineering Manager or Technical Lead.
- Strong technical credibility, with experience in developing and delivering complex software systems.
- Experience with software supply chain security, including dependency management and malicious package detection.
- Strong leadership skills, with the ability to develop and motivate high-performing teams.
- Excellent communication and collaboration skills, with the ability to work effectively with cross-functional teams.
- Experience with Agile development methodologies and version control systems such as Git.
Nice to Have
- Experience with cloud-based technologies, such as AWS or Azure.
- Experience with DevSecOps tools, such as Jenkins or CircleCI.
- Experience with containerization technologies, such as Docker.
- Strong understanding of security and compliance principles, including HIPAA and PCI-DSS.
Benefits and Perks
- Competitive salary and equity package.
- Comprehensive health, dental, and vision insurance.
- Flexible PTO policy, with unlimited paid time off.
- Remote work stipend, with the ability to work from anywhere.
- Professional development opportunities, including training and conference attendance.
- Access to the latest technologies and tools, including MacBooks and cloud-based services.
- Collaborative and dynamic work environment, with a team of experienced professionals.
How to Stand Out
- Develop a strong understanding of software supply chain security principles, including dependency management and malicious package detection.
- Highlight your technical leadership experience, including your ability to develop and motivate high-performing teams.
- Be prepared to discuss your experience with Agile development methodologies, including your understanding of version control systems and continuous integration/continuous deployment (CI/CD) pipelines.
- Showcase your ability to communicate complex technical concepts, including your experience with cross-functional teams and stakeholders.
- Research the company culture and values, including GitLab's commitment to diversity, equity, and inclusion, and be prepared to discuss how you embody these values in your work.
- Prepare examples of your experience with cloud-based technologies, including your understanding of security and compliance principles in cloud-based environments.
- Develop a list of questions to ask the interviewer, including questions about the team, the role, and the company culture.
This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere.