Staff Backend Engineer, Software Supply Chain Security: Secrets Management

What you'll do:

• Lead the technical strategy for GitLab Secrets Manager, setting architecture direction for secure, multi-tenant secrets management at scale.
• Own the integration between GitLab and OpenBao, including namespaces, authentication mechanisms, and policy management.
• Collaborate with Pipeline Security, Authentication, and Platform teams to propose, review, and deliver cross-team secrets management improvements.

What you'll bring:

• Experience designing and operating secrets management systems (for example, HashiCorp Vault, OpenBao, or cloud-native offerings), including secure storage, access control, and audit logging.
• Ability to lead architecture decisions for resilient, multi-tenant services that handle secrets operations at scale, including high availability and cluster management patterns.
• Working knowledge of cryptographic and key management concepts, such as encryption in transit and at rest, key derivation, and hardware security module (HSM) or PKCS#11 integrations.

About the team:

• The Secrets Management team sits within the Pipeline Security group in GitLab's Software Supply Chain Security stage.
• The team works closely with Authentication, Authorization, Compliance, and Platform counterparts to deliver secure defaults, reliable operations for GitLab.com, and product-grade integration between GitLab and OpenBao.
• Our core challenge is building multi-tenant secrets management at scale while balancing upstream open source collaboration with the needs of GitLab customers.