Senior Backend Engineer

Role Overview

Join GitLab as a Senior Backend Engineer on the Secret Detection team. You’ll build backend services, scanning workflows, and remediation paths to help prevent leaked secrets from reaching production, supporting the full secret management lifecycle.

Key Missions

• Contribute to the end-to-end secret management lifecycle, from protection and policy enforcement through pipeline-based scanning, validation, and auditability.
• Design and implement backend features for secret detection using Ruby on Rails, GraphQL, and Go.
• Improve detection quality by reducing false positives, strengthening secret validation workflows, and enabling faster, more effective remediation.

Responsibilities

• Build and operate backend systems powering Secret Detection across GitLab’s DevSecOps platform.
• Collaborate with product management and engineering peers in an async-first environment.
• Deliver secure, maintainable backend capabilities that improve coverage, reliability, and response time.

Requirements

• Experience investigating performance issues and improving backend reliability, efficiency, and maintainability.
• Experience building backend applications/services with Ruby on Rails; working knowledge of GraphQL and interest in backend-focused product development.
• Demonstrated ability to design and deliver secure, maintainable systems for production web applications at scale.
• Strong written and verbal communication, especially for remote async-first distributed teams.
• Ability to work cross-functionally with product, design, and technical writing.
• Security knowledge: common vulnerabilities, mitigation techniques, and secure coding practices.
• Background with security tools/products, especially related to code scanning or secret detection.

Nice to Have

• Transferable experience and willingness to grow into parts of the Go security stack.