Staff Backend Engineer (Go) - Software Supply Chain Security

About the Role

We are seeking a Staff Backend Engineer (Go) remote to join GitLab’s Software Supply Chain Security team. In this role, you will provide technical leadership for GitLab’s strategic investment in integrated secrets management, helping to secure the software development lifecycle for over 50 million users worldwide.

What You'll Do

• Lead the technical strategy for GitLab Secrets Manager, setting architecture direction for secure, multi-tenant secrets management at scale.
• Own the integration between GitLab and OpenBao, ensuring seamless namespaces, authentication mechanisms, and policy management.
• Collaborate with Pipeline Security, Authentication, and Platform teams to propose, review, and deliver cross-team secrets management improvements.
• Partner with GitLab.com Infrastructure teams to ensure secrets management meets reliability, performance, and operational requirements.
• Represent GitLab in the OpenBao open source project by contributing features upstream and participating in technical steering discussions.
• Mentor and advise engineers on secrets management, cryptographic systems, and secure architecture patterns.
• Engage with customers and external stakeholders to understand real-world needs and communicate GitLab’s secrets management capabilities.

Requirements

• Experience designing and operating secrets management systems (e.g., HashiCorp Vault, OpenBao).
• Ability to lead architecture decisions for resilient, multi-tenant services handling secrets operations at scale.
• Working knowledge of cryptographic and key management concepts.
• Experience implementing authentication and authorization integrations, such as JWT or OpenID Connect.
• Proficiency in building product integrations in Go and Ruby on Rails.
• Experience contributing to open source projects and working effectively with distributed governance.
• Strong communication and collaboration skills to influence across teams.

Nice to Have

• Experience with cloud-native offerings for secrets management.
• Familiarity with CI/CD pipelines and DevSecOps practices.
• Knowledge of secure coding practices and security best practices.

What We Offer

• Flexible Paid Time Off to support your work-life balance.
• Equity Compensation & Employee Stock Purchase Plan.
• Growth and Development Fund for professional development.
• Parental leave and home office support.
• A fully remote work environment with a high-performance culture.