The single application for the entire DevOps lifecycle
GitLab is a comprehensive DevOps platform headquartered in San Francisco, California, serving over 30,000 organizations including NASA, IBM, and Goldman Sachs. The platform integrates project planning, source code management, CI/CD, and monitoring into a single application, streamlining the software...
GitLab offers competitive salaries, equity options, unlimited PTO, and a flexible remote work policy, allowing employees to work from anywhere. They a...
GitLab is known for its remote-first culture, with a strong emphasis on transparency and collaboration across global teams. The company values results...
GitLab • Remote, APAC
GitLab is hiring a Senior Security Engineer for their Application Security team to conduct security-focused application design and architecture reviews. You'll work with GitLab engineers to ensure high-quality software delivery. This role requires expertise in security practices and tools.
You have a strong background in application security, with at least 5 years of experience in security engineering or a related field. You understand the importance of integrating security into the software development lifecycle and have a proven track record of conducting security assessments and reviews. Your expertise in OWASP principles and practices allows you to identify vulnerabilities and recommend effective remediation strategies. You are familiar with various security tools and technologies, and you can effectively communicate security concepts to both technical and non-technical stakeholders.
You thrive in collaborative environments and enjoy working closely with engineering teams to foster a culture of security awareness. You are proactive in identifying potential security risks and have experience implementing security best practices in software development. Your analytical mindset enables you to assess complex systems and identify areas for improvement. You are committed to continuous learning and staying updated on the latest security trends and threats.
Experience with cloud security and DevSecOps practices is a plus. Familiarity with security frameworks and compliance standards such as ISO 27001 or NIST is also beneficial. You may have experience with security automation tools and techniques, which can enhance your contributions to the team.
In this role, you will conduct security-focused application design and architecture reviews, collaborating with product teams to ensure that security is integrated into the development process from the outset. You will analyze application designs and provide actionable feedback to mitigate security risks. Your responsibilities will include performing threat modeling and vulnerability assessments, as well as developing security guidelines and best practices for the engineering teams.
You will work closely with developers to educate them on secure coding practices and assist in the implementation of security controls. Your role will involve monitoring and responding to security incidents, as well as conducting post-incident reviews to identify lessons learned and improve security posture. You will also contribute to the development of security training materials and participate in security awareness initiatives across the organization.
GitLab offers a flexible remote work environment, allowing you to work from anywhere in the APAC region. You will be part of a high-performance culture that values collaboration, innovation, and continuous improvement. We provide opportunities for professional development and encourage you to pursue certifications and training that enhance your skills. Join us in our mission to build a secure and reliable software development platform that empowers organizations worldwide.
Apply now or save it for later. Get alerts for similar jobs at GitLab.
