Staff Backend Engineer, SSCS: Supply Chain

An overview of this role:

• As a Staff Backend Engineer, you will help shape a major investment in our Software Supply Chain Security offering.
• You'll serve as a senior technical leader for backend systems that help customers secure how software is built, verified, and delivered inside the GitLab platform.
• You'll work on foundational capabilities across package policy enforcement, build provenance, artifact signing, and malicious package detection, with a strong focus on enterprise-grade security and performance.

What you’ll do:

• Define and drive the technical architecture for the SSCS Add-On.
• Lead design and implementation work for Supply-chain Levels for Software Artifacts (SLSA) Level 2 and Level 3 capabilities within GitLab CI/CD.
• Architect integrations with Sigstore services such as Cosign, Fulcio, and Rekor.

What you’ll bring:

• Strong experience building backend applications with Ruby on Rails in a high-scale production environment.
• Professional experience with Go for backend or infrastructure-oriented services.
• A track record of leading architecture across multiple systems and influencing technical direction through strong engineering judgment.