Senior Professional Services Engineer, Security

1 Month ago • 8 Years +

Job Summary

Job Description

The Senior Professional Services Engineer, Security at GitLab will design and implement secure GitLab solutions for customer engagements, ensuring security compliance and best practices. They will conduct security risk assessments, stay current with security threats, and implement migrations between security scanning tools. The role involves customer engagement, including leading technical discovery sessions and coordinating security implementation activities. Additionally, the engineer will mentor consultants, create documentation, and contribute to security training. The engineer will also provide input to GitLab Security teams and support various teams with security aspects. This role requires experience in security architecture, DevSecOps, and cloud security, along with strong communication and problem-solving skills.

Must have:

Security architecture and implementation experience
DevSecOps practices and tools knowledge
SCM migration with security controls knowledge
Secure cloud architecture and infrastructure experience
Experience with CI/CD security integration
GitLab security features and capabilities knowledge

Good to have:

Knowledge of security frameworks and standards (ISO 27001, NIST 800-53, SOC2)
Understanding of current security threats like ransomware protection and AI-related risks
Security / Cloud certifications (CISSP, CISM, AWS Certified Security or similar)

Perks:

Benefits to support health, finances, and well-being
All remote, asynchronous work environment
Flexible PTO (paid time off)
Team Member Resource Groups
Equity Compensation & Employee Stock Purchase Plan
Growth and development budget
Parental leave
Home office support

18 skills required

18 skills required for this role

Add these skills to join the top 1% applicants for this job

saas-business-models

team-management

cross-functional

timeline-management

communication

leadership

budget-management

talent-acquisition

game-texts

cross-functional-collaboration

software-development-lifecycle-sdlc

gitlab

security-scanning

aws

ansible

terraform

sonarqube

ci-cd

Job Details

GitLab is an open core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Our mission is to enable everyone to contribute to and co-create the software that powers our world. When everyone can contribute, consumers become contributors, significantly accelerating the rate of human progress. This mission is integral to our culture, influencing how we hire, build products, and lead our industry. We make this possible at GitLab by running our operations on our product and staying aligned with our values. Learn more about Life at GitLab.

Thanks to products like Duo Enterprise, and Duo Workflow, customers get the benefit of AI at every stage of the SDLC. The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier. All team members are encouraged and expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact across our global organisation.

Professional Services Engineers engage with customers to provide installation, migration, training, and advisory services. They handle installations ranging from single-node Omnibus installs, to our largest reference architectures utilizing IaC/CaC, migrations from multiple systems to GitLab SaaS or self-hosted, and advisory services across the entire GitLab feature stack.

Professional Services Engineers are expected to be able to interface not only with the customer, but with our GitLab Product/Engineering teams, to find the best route for customer success, and to help drive improvements into GitLab features and processes.

What you'll do

Technical Delivery
- Design and implement secure GitLab solutions for Professional Services customer engagements from inception through delivery
- Ensure security compliance and best practices throughout the software development lifecycle
- Conduct security risk assessments and threat modeling for customer implementations
- Stay current with security threats, compliance requirements, and GitLab security features (Product Security Risk Register)
- Validate security controls and monitoring requirements are properly implemented
- Implement migrations between security scanning tools (e.g., SonarQube, Checkmarx, Veracode to GitLab Security Scanners)
Customer Engagement
- Lead technical discovery sessions with security focus, understanding customer's compliance needs
- Ensure deliverables meet customer security and compliance expectations
- Coordinate and perform security implementation activities across internal teams, partners, and customers
Knowledge Sharing and Practice Contributions
- Mentor PS and partner consultants on security best practices and implementation strategies
- Create security-focused documentation, delivery kits, and training materials
- Review and contribute to PS security training materials and presentations
- Develop security case studies, methodologies, and internal processes
- Hold security enablement sessions for PS team members
Cross-functional Collaboration
- Provide input to GitLab Security teams on product security features and roadmap
- Liaise with Training, Development, Support, and Product teams on security matters
- Support Delivery Managers with security aspects of:
- Support Program Managers with forecast and timeline estimates

What you'll bring

Technical Expertise
- Demonstrated experience in:
- Planning and executing security tool migrations
- Mapping security findings between platforms
- Managing dismissed/accepted risk findings
- Building migration validation frameworks
Security & Compliance
- Knowledge of security frameworks and standards:
- Understanding of current security threats:
Professional Experience
- 8+ years of progressive experience in:
- Bachelor's Degree in Computer Science, Information Security, or equivalent experience
- Security / Cloud certifications preferred (CISSP, CISM, AWS Certified Security or similar)
Soft Skills
- Excellent written and verbal communication skills
- Strong presentation and customer-facing abilities
- Demonstrated problem-solving and decision-making capabilities
- Effective project and time management skills
- Leadership experience in security contexts
- Ability to influence and drive security adoption
- Strong organizational and multi-tasking abilities
- Experience mentoring teams on security best practices
- Track record of developing security service offerings
- Ability to drive security transformation initiatives
- Experience with security vendor assessment and integration
- History of contributing to security community and thought leadership

How GitLab will support you

Benefits to support your health, finances, and well-being
All remote, asynchronous work environment
Flexible PTO (paid time off)
Team Member Resource Groups
Equity Compensation & Employee Stock Purchase Plan
Growth and development budget
Parental leave
Home office support

Country Hiring Guidelines: GitLab hires new team members in countries around the world. All of our roles are remote, however some roles may carry specific location-based eligibility requirements. Our Talent Acquisition team can help answer any questions about location after starting the recruiting process.

Privacy Policy: Please review our Recruitment Privacy Policy. Your privacy is important to us.

GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during the recruiting process.