GitLab is an open core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Our mission is to enable everyone to contribute to and co-create the software that powers our world. When everyone can contribute, consumers become contributors, significantly accelerating the rate of human progress. This mission is integral to our culture, influencing how we hire, build products, and lead our industry. We make this possible at GitLab by running our operations on our product and staying aligned with our values. Learn more about Life at GitLab.

Senior Security Technical Architect

at GitLab

Remote, Global

As a Security Technical Architect at GitLab, you’ll lead the design and implementation of secure enterprise solutions for our Professional Services clients. You’ll assess complex security architectures, guide security tool migrations, and implement GitLab’s security features while ensuring compliance with common frameworks. This role requires expertise in developing secure reference architectures with focus on cloud security, identity management, and vulnerability management.
Working closely with PS Engineers and Engagement Managers, you’ll provide technical leadership throughout project lifecycles, from security requirements gathering to implementation. 

You’ll be responsible for preserving customer security postures during migrations, implementing security scanning strategies, and enabling teams to leverage GitLab’s security capabilities effectively. Your experience with security architecture, enterprise security controls, and compliance frameworks will be crucial in delivering successful customer outcomes while maintaining security best practices throughout the engagement lifecycle.

Core Responsibilities

Extends all Intermediate Technical Architect Requirements and Responsibilities

Technical Leadership & Delivery

• Design and lead secure GitLab solution implementations for Professional Services client engagements from inception through delivery
• Ensure security compliance and best practices throughout the software development lifecycle
• Conduct security risk assessments and threat modeling for customer implementations
• Stay current with security threats, compliance requirements, and GitLab security features (Product Security Risk Register)
• Validate security controls and monitoring requirements are properly implemented
• Lead migrations between security scanning tools (e.g., SonarQube, Checkmarx, Veracode to GitLab Security Scanners)

Customer Engagement

• Lead technical discovery sessions with a security focus, understanding customer's compliance needs
• Support PS Engagement Managers in security-related SOW scoping and creation
• Provide security expertise during pre-sales and planning stages
• Ensure deliverables meet customer security and compliance expectations
• Coordinate security implementation activities across internal teams, partners, and customers

Mentorship & Knowledge Sharing

• Mentor PS and partner consultants on security best practices and implementation strategies
• Create security-focused documentation, delivery kits, and training materials
• Review and contribute to PS security training materials and presentations
• Develop security case studies, methodologies, and internal processes
• Hold security enablement sessions for PS team members

Cross-functional Collaboration

• Provide input to GitLab Security teams on product security features and roadmap
• Liaise with Training, Development, Support, and Product teams on security matters
• Support Delivery Managers with security aspects of:
• Technical vetting of partner consultants
• New hire candidate evaluation
• SOW staffing assessments

Requirements

Technical Expertise

• Demonstrated experience in:
• Delivery of secure enterprise architectures with expertise in application and cloud security
• DevSecOps practices and tools
• SCM migration with security controls
• Secure cloud architecture and infrastructure
• Configuration and Infrastructure as Code tools (Ansible, Terraform, etc)
• CI/CD security integration
• GitLab security features and capabilities
• Security tool migration and transformation

• Planning and executing security tool migrations
• Mapping security findings between platforms
• Managing dismissed/accepted risk findings
• Building migration validation frameworks

Security & Compliance

• Knowledge of security frameworks and standards:
• ISO 27001, NIST 800-53, SOC2
• GDPR, FedRAMP
• Familiar with AI RMF, ISO 42001 is a bonus
• Understanding of current security threats:
• Ransomware protection
• Supply chain security
• AI-related security risks
• Zero-trust architecture

Professional Experience

• 8+ years of progressive experience in:
• Technical consulting
• Enterprise software development
• DevOps platform implementation
• Security program development
• Bachelor's Degree in Computer Science, Information Security, or equivalent experience
• Security / Cloud certifications preferred (CISSP, CISM, AWS Certified Security or similar)

Soft Skills

• Excellent written and verbal communication skills
• Strong presentation and customer-facing abilities
• Demonstrated problem-solving and decision-making capabilities
• Effective project and time management skills
• Leadership experience in security contexts
• Ability to influence and drive security adoption
• Strong organizational and multi-tasking abilities

• Experience mentoring teams on security best practices
• Track record of developing security service offerings
• Ability to drive security transformation initiatives
• Experience with security vendor assessment and integration
• History of contributing to the security community and thought leadership

Performance Indicators

• 55% Billable Utilization Target
• Consistent contributions back to practice

How GitLab will support you

• Benefits to support your health, finances, and well-being
• All remote, asynchronous work environment
• Flexible Paid Time Off
• Team Member Resource Groups
• Equity Compensation & Employee Stock Purchase Plan
• Growth and development budget 
• Parental leave 
• Home office support

Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to assess your application.

Country Hiring Guidelines: GitLab hires new team members in countries around the world. All of our roles are remote, however some roles may carry specific location-based eligibility requirements. Our Talent Acquisition team can help answer any questions about location after starting the recruiting process.  

Privacy Policy: Please review our Recruitment Privacy Policy. Your privacy is important to us.

GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during the recruiting process.