Remote InfoSec Jobs

Where Cybersecurity Professionals Find Remote Work

Back to All Jobs

Engineering Manager, SSCS: Supply Chain

Gitlab
Location
Remote
Job Type
Full-time
Posted
March 27, 2026

Job Description

GitLab is the intelligent orchestration platform for DevSecOps. GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 50 million registered users and more than 50% of the Fortune 100* trust GitLab to ship better, more secure software faster.

The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier, with all team members expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact. GitLab is where careers accelerate, innovation flourishes, and every voice is valued. Our high-performance culture is driven by our values and continuous knowledge exchange, enabling our team members to reach their full potential while collaborating with industry leaders to solve complex problems. Co-create the future with us as we build technology that transforms how the world develops software.

*Fortune 500® is a registered trademark of Fortune Media IP Limited, used under license. Claim based on GitLab data. Fortune 100 refers to the top 20% ranked companies in the 2025 Fortune 500 list, published in June 2025. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of GitLab.

An overview of this role

As an Engineering Manager, you’ll guide GitLab’s dedicated Software Supply Chain Security (SSCS) Add-On engineering team as it develops core capabilities including Dependency Firewall, Build Provenance, Malicious Packages detection, and Artifact Signing. This is a founding management role where you’ll help shape how the team works, partner closely with the Staff Backend Engineer, Product Manager, and SSCS stage management, and turn a defined roadmap into steady, high-quality delivery for enterprise customers with strict security and compliance needs. You’ll focus on developing the team, creating a healthy operating rhythm, and establishing predictable execution for the SSCS SKU.

You’ll join a product area where customers in regulated industries are already validating the need, and your work will help GitLab deliver software supply chain security features that customers can rely on. While technical credibility matters, your main focus will be growing a strong backend engineering team, enabling team members in their development, and creating the conditions for long-term delivery and quality.

What you’ll do

  • Guide a backend engineering team building the SSCS Add-On across dependency enforcement, build provenance, malicious package detection, and artifact signing.
  • Be responsible for Drive engineering delivery for general availability milestones by aligning sequencing, scope, and dependencies with the Staff Backend Engineer and Product Manager.
  • Develop the team by partnering with Talent Acquisition on sourcing, interview design, candidate evaluation, and hiring decisions.
  • Run regular 1:1s, performance reviews, and career development conversations that enable growth and clear expectations.
  • Advance engineering quality by monitoring cycle time, defect rates, and test coverage, and by addressing risks early.
  • Coordinate quarterly planning and roadmap tradeoff discussions with SSCS stage leadership and Product.
  • Work with Finance and other partners on headcount pacing and team planning as the Add-On scales.
  • Represent the SSCS Add-On team within stage leadership discussions and help ensure strong communication across functions.

GitLab is the intelligent orchestration platform for DevSecOps. GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 50 million registered users and more than 50% of the Fortune 100* trust GitLab to ship better, more secure software faster.

The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier, with all team members expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact. GitLab is where careers accelerate, innovation flourishes, and every voice is valued. Our high-performance culture is driven by our values and continuous knowledge exchange, enabling our team members to reach their full potential while collaborating with industry leaders to solve complex problems. Co-create the future with us as we build technology that transforms how the world develops software.

*Fortune 500® is a registered trademark of Fortune Media IP Limited, used under license. Claim based on GitLab data. Fortune 100 refers to the top 20% ranked companies in the 2025 Fortune 500 list, published in June 2025. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of GitLab.

An overview of this role

As an Engineering Manager, you’ll guide GitLab’s dedicated Software Supply Chain Security (SSCS) Add-On engineering team as it develops core capabilities including Dependency Firewall, Build Provenance, Malicious Packages detection, and Artifact Signing. This is a founding management role where you’ll help shape how the team works, partner closely with the Staff Backend Engineer, Product Manager, and SSCS stage management, and turn a defined roadmap into steady, high-quality delivery for enterprise customers with strict security and compliance needs. You’ll focus on developing the team, creating a healthy operating rhythm, and establishing predictable execution for the SSCS SKU.

You’ll join a product area where customers in regulated industries are already validating the need, and your work will help GitLab deliver software supply chain security features that customers can rely on. While technical credibility matters, your main focus will be growing a strong backend engineering team, enabling team members in their development, and creating the conditions for long-term delivery and quality.

What you’ll do

  • Guide a backend engineering team building the SSCS Add-On across dependency enforcement, build provenance, malicious package detection, and artifact signing.
  • Be responsible for Drive engineering delivery for general availability milestones by aligning sequencing, scope, and dependencies with the Staff Backend Engineer and Product Manager.
  • Develop the team by partnering with Talent Acquisition on sourcing, interview design, candidate evaluation, and hiring decisions.
  • Run regular 1:1s, performance reviews, and career development conversations that enable growth and clear expectations.
  • Advance engineering quality by monitoring cycle time, defect rates, and test coverage, and by addressing risks early.
  • Coordinate quarterly planning and roadmap tradeoff discussions with SSCS stage leadership and Product.
  • Work with Finance and other partners on headcount pacing and team planning as the Add-On scales.
  • Represent the SSCS Add-On team within stage leadership discussions and help ensure strong communication across functions.

What you’ll bring

  • Experience guiding backend product engineering teams in security, DevSecOps, or platform engineering environments.
  • Ability to hire and grow backend or security engineers in distributed team environments, with practical understanding of the talent landscape for these roles.
  • Technical credibility to contribute to architecture discussions involving package registries, CI/CD pipeline security, and signing infrastructure.
  • Experience managing predictable delivery across multi-quarter product roadmaps and managing cross-team dependencies.
  • Comfort working in an asynchronous, documentation-driven organization with clear written communication.
  • Familiarity with supply chain security, artifact management, or compliance-focused product areas, or transferable experience from related domains.
  • Working knowledge of concepts related to frameworks and ecosystems such as SLSA and Sigstore.
  • Ability to build credibility with engineers, product partners, and customer-facing stakeholders through clear judgment, coaching, and teamwork.

About the team

The SSCS Add-On team is a product engineering team within GitLab’s Software Supply Chain Security stage. We work on key capabilities in the SSCS Add-On SKU and collaborate closely with product and engineering partners to deliver security features for customers operating in regulated environments. You’ll report to the SSCS Senior Engineering Manager and partner directly with the Staff Backend Engineer and Product Manager. As a distributed team working asynchronously across regions, we are focused on strong delivery practices, team health, and scaling the product area with clarity and accountability. For more on how related teams work, see Team Handbook Page.

How GitLab will support you

Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to assess your application.

Country Hiring Guidelines: GitLab hires new team members in countries around the world. All of our roles are remote, ...

Ready to Apply?

Apply for this Position

You'll be redirected to the company's application page

Share this job:
Twitter LinkedIn

Job Information

Source: greenhouse
Remote Type: remote
Allowed Locations: Remote, India
Skills & Tags:
Sec Engineering