Engineering Manager, Software Supply Chain Security: Authorization

4 Weeks ago • All levels • $131,600 PA - $282,000 PA

Job Summary

Job Description

As an Engineering Manager for the Authorization team at GitLab, you'll lead a group of engineers working on authorization systems. You will be at the forefront of implementing Fine-Grained Access Control and developing a new policy-as-code approach. You will also focus on nurturing your team's health, hiring talent, and defining the roadmap for authorization features. The role involves staying updated with industry standards, collaborating with the security team, and representing GitLab in industry forums. This is a critical infrastructure role for GitLab, which requires leading a team focused on developing features for Software Supply Chain Security, with a primary focus on authorization systems and user permission models.
Must have:
  • Experience with authorization systems and access control models.
  • Understanding of policy-as-code approaches.
Good to have:
  • Familiarity with identity federation concepts and tools.
  • Experience implementing SLSA compliance in production environments.
Perks:
  • Benefits to support your health, finances, and well-being
  • All remote, asynchronous work environment
  • Flexible Paid Time Off
  • Team Member Resource Groups
  • Equity Compensation & Employee Stock Purchase Plan
  • Growth and Development Fund
  • Parental leave
  • Home office support

Job Details

GitLab is an open core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Our mission is to enable everyone to contribute to and co-create the software that powers our world. When everyone can contribute, consumers become contributors, significantly accelerating the rate of human progress. This mission is integral to our culture, influencing how we hire, build products, and lead our industry. We make this possible at GitLab by running our operations on our product and staying aligned with our values. Learn more about Life at GitLab.

Thanks to products like Duo Enterprise, and Duo Workflow, customers get the benefit of AI at every stage of the SDLC. The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier. All team members are encouraged and expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact across our global organisation.

An overview of this role

As an Engineering Manager for the Authorization team at GitLab, you'll lead a talented group of engineers who are fundamentally transforming how permissions work across our platform. You'll be at the forefront of our major authorization systems redesign initiative, guiding your team through exciting challenges like implementing Fine-Grained Access Control and developing our new policy-as-code approach. 

At GitLab, we see our team as our product. While you'll need to be technically credible in authorization frameworks and identity management, your primary focus will be on nurturing your team's health, hiring exceptional talent, and positioning them for success. You'll collaborate closely with Product Managers to shape the roadmap for modern authorization features that balance security, usability, and performance at scale. This is a unique opportunity to lead critical infrastructure work that touches every part of the GitLab platform while helping transform our permission systems to be more secure, scalable, and flexible.

Your leadership will be instrumental as we transition from our current Declarative Policies framework to a more sophisticated policy-based system that supports advanced multi-tenancy features and reinforces GitLab's security posture. If you're passionate about building teams and systems that enable secure collaboration at scale, this role offers the chance to make a significant impact on GitLab's future.

This role is an extension of the Engineering Manager position.

What You’ll Do 

  • Lead a team focused on developing features for Software Supply Chain Security, with a primary focus on authorization systems and user permission models
  • Guide the implementation of advanced authorization controls across GitLab's platform
  • Collaborate with Product Managers to define and prioritize the roadmap for Supply Chain Security and authorization features in particular
  • Stay current with industry standards and best practices in identity and access management, particularly least-privilege and zero-trust access models
  • Partner with Security team members to ensure features meet the highest security standards
  • Educate and advocate for supply chain security best practices across GitLab
  • Represent GitLab in industry forums related to software supply chain security when appropriate

What You’ll Bring 

  • Experience with authorization systems, identity management, and access control models
  • Understanding of policy-as-code approaches (ideally familiarity with Cedar, Rego, or similar policy languages)
  • Knowledge of modern authorization frameworks like RBAC, ABAC, FGAC and context-aware authorization systems
  • Familiarity with identity federation concepts and tools
  • Strong technical leadership abilities to guide the team through complex architectural transitions
  • Experience implementing SLSA compliance in production environments is ideal, but not required

Performance Indicators

In addition to the standard Engineering Manager performance indicators, this role will also be measured on:

  • Successful implementation of components for the GitLab authorization components and IAM
  • Adoption rate of new authorization features by GitLab users
  • Reduction in security vulnerabilities related to authorization sub-systems
  • Integration completeness with other GitLab security features
  • Community engagement around GitLab's supply chain security capabilities
  • Documentation quality for supply chain security features

About the team

The Authorization team is responsible for building and maintaining GitLab's permission systems to be more secure, scalable, and flexible. We're currently embarking on a major authorization systems redesign initiative that will fundamentally transform how authorization works across GitLab. The team is focused on key projects including Fine-Grained Access Control, Policy Standardization, and developing a new policy-as-code approach that will replace our current Declarative Policies framework. This work is critical to GitLab's security posture, performance at scale, and ability to support advanced multi-tenancy features.

You can learn more about our team here

How GitLab will support you

Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to assess your application.

The base salary range for this role’s listed level is currently for residents of listed locations only. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, and alignment with market data. See more information on our benefits and equity. Sales roles are also eligible for incentive pay targeted at up to 100% of the offered base salary.

California/Colorado/Hawaii/New Jersey/New York/Washington/DC/Illinois/Minnesota pay range

$131,600 - $282,000 USD

Similar Jobs

Autodesk - Senior User Experience Designer

Autodesk

Pune, Maharashtra, India (Hybrid)
1 Week ago
Synechron - Power BI Engineer

Synechron

Belgrade, Serbia (Hybrid)
1 Month ago
WebTech Corporation - Signal Engineer III

WebTech Corporation

Wayne, Pennsylvania, United States (On-Site)
1 Week ago
Philips - Lead Content Developer & Instructional Designer – Ultrasound

Philips

Bothell, Washington, United States (On-Site)
3 Weeks ago
Scopely - Senior Server Engineer (Platform)

Scopely

Barcelona, Catalonia, Spain (Hybrid)
3 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

London stock Exchange - Collections Leader - Operations

London stock Exchange

Gdynia, Pomeranian Voivodeship, Poland (On-Site)
3 Weeks ago
Aptive - Senior Mechanical Product Engineer

Aptive

Warren, Ohio, United States (On-Site)
1 Month ago
MSKC GAME STUDIO   - Game Artist

MSKC GAME STUDIO

Bengaluru, Karnataka, India (On-Site)
10 Months ago
Thales - ALTERNANCE - Workforce Manager - F/H

Thales

Aix-en-Provence, Provence-Alpes-Côte D'Azur, France (On-Site)
1 Month ago
Addepar - Product Data Analyst

Addepar

United States (On-Site)
1 Month ago
PlayerUnknown Productions - IT Manager (Part-Time)

PlayerUnknown Productions

Amsterdam, North Holland, Netherlands (Hybrid)
7 Months ago
MiQ - Account Manager (German Speaker)

MiQ

London, England, United Kingdom (On-Site)
1 Month ago
Expedia - Salesforce Software Development Engineer II

Expedia

Seattle, Washington, United States (On-Site)
2 Weeks ago
Anthology  Inc  - Scrum Master II

Anthology Inc

Chennai, Tamil Nadu, India (Hybrid)
1 Month ago
bytedance - Immersive Video Research Intern (Multimedia Streaming) 2023 Summer/Fall (BS)

bytedance

Seattle, Washington, United States (On-Site)
7 Months ago

Get notifed when new similar jobs are uploaded

Jobs in Worldwide

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

Similar Category Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!