
India Unlimited PTO

  • Define and drive the technical architecture for the SSCS Add-On, including backend systems for package policy enforcement, provenance generation, artifact signing, and malicious package detection.
  • Lead design and implementation work for Supply-chain Levels for Software Artifacts (SLSA) Level 2 and Level 3 capabilities within GitLab CI/CD.
  • Architect integrations with Sigstore services such as Cosign, Fulcio, and Rekor, including approaches for signing workflows, verification, and trust boundaries.

Ruby On Rails Go Backend Security Architecture

20 jobs similar to Staff Backend Engineer, SSCS: Supply Chain

Jobs ranked by similarity.

India Unlimited PTO

  • Design and implement backend features across the Add-On's software supply chain security surface.
  • Build and improve the package policy evaluation engine, including rule compilation, request matching, enforcement decisions, and performance-sensitive execution paths tied to GitLab's Dependency Firewall infrastructure.
  • Develop artifact signing and verification workflows, including Sigstore and Cosign integrations, signing key lifecycle management, keyless signing with OpenID Connect (OIDC), and policy-based promotion gates, enabling trusted and auditable software delivery.

GitLab is the intelligent orchestration platform for DevSecOps. More than 50 million registered users and more than 50% of the Fortune 100 trust GitLab to ship better, more secure software faster. The same principles built into our products are reflected in how our team works; they embrace AI as a core productivity multiplier, with all team members expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact.

Global Unlimited PTO

  • Implement backend features across the Add-On's supply chain security product, including package policy integrations, ingestion pipeline improvements and delivering maintainable code.
  • Build and maintain integrations between Add-On functionality and GitLab's existing software composition analysis scanning infrastructure to deliver a reliable user experience.
  • Write and maintain comprehensive automated test coverage, including RSpec and integration tests, to improve test reliability and support safe releases as the codebase grows.

GitLab is the intelligent orchestration platform for DevSecOps. More than 50 million registered users trust GitLab to ship better, more secure software faster. Their high-performance culture is driven by their values and continuous knowledge exchange, enabling their team members to reach their full potential while collaborating with industry leaders to solve complex problems.

Canada Ireland Netherlands UK US Unlimited PTO

  • Guide the design and implementation of backend features for GitLab Secret Detection in Ruby on Rails, GraphQL, and Go.
  • Build clean, well-tested, maintainable code that meets GitLab standards for reliability and performance.
  • Partner with product management and engineering peers to deliver backend capabilities that improve detection, validation, remediation, and audit trail coverage.

GitLab is the intelligent orchestration platform for DevSecOps. They enable organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. They have more than 50 million registered users and are a high-performance culture driven by their values and continuous knowledge exchange.

Global Unlimited PTO

  • Implement complex features in dependency scanning and container scanning, shipping improvements that increase scan coverage, improve accuracy, and drive adoption of GitLab's SCA capabilities
  • Solve novel technical problems in SCA, establishing reusable patterns that reduce delivery time and improve engineering effectiveness across the team
  • Guide architectural and implementation decisions in collaboration with engineering managers, product managers, and peer staff engineers to improve scalability, reliability, and delivery outcomes across the team's SCA architecture

GitLab is the intelligent orchestration platform for DevSecOps. They enable organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. GitLab has more than 50 million registered users.

Global Unlimited PTO

  • Help self-managed customers run GitLab reliably.
  • Make GitLab easier to deploy and more secure by default.
  • Improve installation, upgrade, and day-to-day operations.

GitLab is the intelligent orchestration platform for DevSecOps. They enable organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 50 million registered users trust them.

US Unlimited PTO

  • Design and develop next-generation Security Platform Management capabilities that strengthen GitLab’s enterprise security offering
  • Build and optimize scalable backend services and data models in Ruby on Rails with PostgreSQL for large volumes of security data
  • Develop and maintain robust REST and GraphQL APIs that power security workflows across the GitLab platform

GitLab is the intelligent orchestration platform for DevSecOps. With over 50 million registered users, GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. They embrace AI as a core productivity multiplier, and value knowledge exchange, enabling team members to reach their full potential while collaborating with industry leaders to solve complex problems.

India Unlimited PTO

  • Implement and evolve the AI audit event pipeline, including event ingestion, schema normalization, storage design, partitioning, retention, and export capabilities.
  • Implement access control for AI Governance features by integrating permissions for audit logs, policy configuration, and governance dashboards into GitLab's existing authorization model.
  • Contribute backend functionality for the AI agent artifact feature, supporting structured storage and retrieval of agent run metadata alongside existing CI/CD artifacts.

GitLab is the intelligent orchestration platform for DevSecOps. They enable organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. The company has more than 50 million registered users and a high-performance culture driven by values and continuous knowledge exchange.

Global Unlimited PTO

  • Implement well-scoped backend features across the AI Governance product area.
  • Build and maintain automated test coverage for your work using RSpec or equivalent tools.
  • Work closely with senior and staff engineers to deliver solutions that are reliable and maintainable.

GitLab is the intelligent orchestration platform for DevSecOps, enabling organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. The company has more than 50 million registered users and its culture embraces AI, valuing innovation and collaboration.

Global

  • Build security tools and controls that are deployed across the company
  • Design, develop, and deploy new core security features to public Chainlink products like the Chainlink core node
  • Define new processes and systems that make attacks on our networks hard to execute and easy to detect

Chainlink Labs is the industry-standard oracle platform bringing the capital markets onchain and powering the majority of decentralized finance (DeFi). Many of the world’s largest financial services institutions have also adopted Chainlink’s standards and infrastructure.

India Unlimited PTO

  • Define and drive backend architecture for AI governance systems to improve governance coverage and enable reliable enterprise adoption.
  • Design the AI audit event system to deliver reliable audit visibility and support customer reporting and compliance requirements.
  • Build and guide the integration layer between the Duo Agent Platform and governance capabilities, reducing governance gaps across agent workflows.

GitLab is the intelligent orchestration platform for DevSecOps, enabling organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. The company has more than 50 million registered users, embraces AI, has a high-performance culture with continuous knowledge exchange, and values every voice.

Global Unlimited PTO

  • Guide the technical vision for GitLab’s cloud-native, self-managed deployments and upgrade workflows.
  • Design and maintain Kubernetes Operators, Helm charts, and upgrade orchestration tooling for self-managed GitLab deployments.
  • Drive observability, testing, performance, and resilience practices for self-managed deployments.

GitLab is the intelligent orchestration platform for DevSecOps, enabling organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. With over 50 million registered users, GitLab emphasizes AI integration and a high-performance culture driven by values and continuous knowledge exchange.

Global

  • Develop software using the KnowBe4 Software Development Lifecycle and Agile Methodologies.
  • Assist other team members by providing technical direction.
  • Define approaches and solutions to complex technical problems.

KnowBe4 is a global leader in Human Risk Management, securing employees and AI agents for over 15 years, trusted by over 70,000 organizations worldwide. Their HRM+ combines continuous risk intelligence, advanced technical defenses, and personalized training to help organizations build strong security cultures.

US Unlimited PTO 18w maternity 12w paternity

  • Build the Git/GitHub backbone for our controls, assets, and risk scenarios.
  • Stand up a trust data lake (likely in Google BigQuery) and the pipelines that feed it.
  • Automate control evidence collection and other “governance as code” workflows.

Chainguard is the trusted source for open source, delivering hardened, secure, and production-ready builds of all the open source software engineers and AI agents rely on. Its customers include Fortune 500 enterprises and global industry leaders, and it is venture-backed by leading investors.

US

  • Lead the design and development of products and solutions for state governments and enterprise customers
  • Work side-by-side with customer delivery leads, engineers, and UX designers to ensure successful project delivery and deployments
  • Translate customer requirements into technical architectures and working implementations

SpruceID builds privacy-preserving, standards-based digital identity and credentialing solutions. They give individuals control of their information while enabling governments and enterprises to deliver secure, interoperable services.

Europe 5w PTO

  • Build robust and reliable backend systems and APIs that power our growth.
  • Work with Go, Kafka, Kubernetes, Postgres, and MongoDB.
  • Design and implement technical solutions within existing architectures and standards.

UW aims to simplify utilities by providing them in one place, offering savings on energy, broadband, mobile, and insurance. They are focused on doubling in size and helping people save time and money with a commitment to innovation and tackling scale-driven problems.

$133,000–$235,000/yr
US

  • Design, build and maintain complex backend systems
  • Collaborate with other engineers, PMs and non-technical stakeholders to develop and ship features
  • Find and solve performance issues

Ethos is a leading life insurance technology company transforming the life insurance experience for consumers, agents, and carriers. It is redefining how life insurance is bought, sold, and underwritten with its robust technology platform.

  • Be on the front lines, building capabilities into existing back-office systems to reduce manual work and consolidate disparate systems.
  • Create net-new backend services and capabilities, integrate with and build upon a wide range of existing backend and frontend services.
  • Collaborate directly with Global Operations teams to identify critical pain points, prioritize initiatives, translate operational needs into technical requirements.

Anchorage Digital is building the world’s most advanced digital asset platform for institutions to participate in crypto, providing integrated financial services and infrastructure solutions. They are a remote friendly, global team, but provide the option of working in-office.

US

  • Design, build, and maintain our build and deployment systems across a multi-repo, multi-language codebase.
  • Add efficiency, robustness, and security to our release processes by standing up automated tools or processes as necessary.
  • Integrate security and compliance workflows, including tools like Grype and SBOM generation for ATO/IATT processes.

TurbineOne is a fast-moving and high-performance startup with a mission to strengthen situational awareness for all Americans serving at our nation’s frontlines. They are backed by DefenseTech venture capitalists and their Frontline Perception System is an edge-first software platform.

Global

  • Own product-level security across backend services, infrastructure, and CI/CD pipelines.
  • Lead threat modeling and security reviews for new features and architectural changes.
  • Identify high-impact, systemic security risks and drive long-term, preventive solutions.

Solflare is a fast-growing crypto wallet that aims to build a powerful gateway to Web3. Founded in 2021, Solflare has nearly 140 employees with offices in Zagreb, Belgrade, and Novi Sad, and it takes on bold challenges with curiosity, grit, and a deep sense of accountability in its culture.

US

  • Assist in designing and maintaining secure infrastructure on EKS in our multi-cloud environment (AWS) using Infrastructure as Code (Terraform).
  • Write code (Python, Go, or Bash) to automate manual tasks, threat detection, and vulnerability management processes.
  • Integrate security tools (SAST, DAST, SCA) into our CI/CD pipelines, ensuring developers receive fast, actionable feedback on their code.

Smartsheet helps people and teams achieve anything with seamless work management and scalable solutions. They empower teams to automate the manual, uncover insights, and scale smarter, creating space for impactful work. The company values diverse perspectives and supports employee growth.