Senior Backend Engineer (RoR/Go), SSCS: Pipeline Security

Software Development

Adjust

WFA Digital Insight

As demand for secure software development soars, companies like Gitlab are driving innovation in DevSecOps. With over 50 million registered users, Gitlab is at the forefront of this shift. The need for skilled backend engineers, especially those proficient in Ruby on Rails and Go, has grown significantly. According to recent trends, the demand for such specialists is expected to continue rising, making this role a significant opportunity for career growth. Before applying, candidates should understand the importance of integrating AI for productivity and the value of working in a high-performance, culturally diverse environment.

Job Description

About the Role

As a Senior Backend Engineer on the Pipeline Security team at Gitlab, you will be instrumental in shaping the future of secure software development. Your primary focus will be on the native Secrets Manager, a critical component of Gitlab's DevSecOps platform. This role involves working closely with cross-functional teams to design, develop, and deploy features that enhance the security and efficiency of Gitlab's CI/CD pipelines. Given the critical nature of this role, you will have the opportunity to make significant contributions to the technical direction and architecture of the Secrets Manager, ensuring it meets the evolving needs of Gitlab's user base.

The day-to-day responsibilities will include working with Ruby on Rails and Go, designing backend architecture for complex security features, and leading the development of role-based access control models and GraphQL APIs. You will also collaborate with Product, security partners, and other engineering teams to document tradeoffs, align on direction, and deliver iteratively in a distributed environment.

What You Will Do

Build and maintain secure, readable backend code primarily in Ruby on Rails, with some development in Go for targeted components.
Design backend architecture for complex security features, including secrets access control, pipeline security enforcement, and OpenBao integration.
Lead the development of role-based access control models, GraphQL APIs, and supporting application patterns for features owned by the team.
Own features end-to-end, from technical design and implementation through deployment, validation, and production support.
Collaborate with Product, security partners, and other engineering teams to document tradeoffs, align on direction, and deliver iteratively in a distributed environment.
Improve code quality, maintainability, security, and performance through code review, design iteration, and internal standards for a high-scale web environment.
Participate in the planning and execution of technical projects, ensuring they are completed efficiently and to a high standard.
Represent the team's point of view in cross-functional discussions, helping to drive technical decisions that align with the company's strategic goals.
Identify areas for improvement in the current workflow and suggest or implement changes as necessary.

What We Are Looking For

Proficiency in Ruby on Rails and Go, with a strong understanding of their ecosystems and best practices.
Experience with designing and implementing secure backend architectures, including role-based access control and GraphQL APIs.
Knowledge of Kubernetes deployment configuration and experience with containerization.
Strong understanding of software development principles, including testing, validation, and continuous integration.
Experience working in a distributed team environment, with excellent communication and collaboration skills.
Ability to work independently and manage your time effectively, with a strong focus on delivering high-quality results.
Passion for security, compliance, and software development, with a continuous desire to learn and adapt to new technologies and methodologies.
Experience with Agile development methodologies and version control systems like Git.

Nice to Have

Experience with OpenBao and its integration with Gitlab CI/CD.
Knowledge of AI and machine learning principles and their application in software development.
Familiarity with cloud platforms such as AWS or GCP, and experience with infrastructure as code tools like Terraform.
Participation in open-source projects or personal projects that demonstrate your skills and interests.

Benefits and Perks

Competitive compensation package.
Opportunity to work with a global team of highly skilled professionals.
Flexible working hours and remote work options.
Professional development opportunities, including training, mentorship, and conference attendance.
Access to the latest technologies and tools.
Comprehensive health insurance and wellness programs.
Generous parental leave policy.
Annual stipend for learning and development.
Recognition and rewards for outstanding performance and contributions.

How to Stand Out

Review Ruby on Rails and Go fundamentals: Make sure you have a solid grasp of both languages and their ecosystems.
Understand Gitlab's products and mission: Familiarize yourself with Gitlab's DevSecOps platform and the role it plays in the industry.
Prepare examples of secure backend architecture: Be ready to discuss your experience with designing and implementing secure backend systems.
Highlight your collaboration skills: Emphasize your ability to work effectively in a distributed team environment.
Show enthusiasm for continuous learning: Demonstrate your passion for staying up-to-date with the latest technologies and methodologies.
Be prepared to discuss your experience with Kubernetes and GraphQL: Highlight any relevant experience you have with these technologies.
Research Gitlab's culture and values: Understand the company's values and be prepared to discuss how your own values align with theirs.

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere. Browse more remote jobs across all categories.