Infrastructure Security Engineer (USA)

GitLab is the intelligent orchestration platform for DevSecOps. GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 50 million registered users and more than 50% of the Fortune 100* trust GitLab to ship better, more secure software faster. The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier, with all team members expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact. GitLab is where careers accelerate, innovation flourishes, and every voice is valued. Our high-performance culture is driven by our values and continuous knowledge exchange, enabling our team members to reach their full potential while collaborating with industry leaders to solve complex problems. Co-create the future with us as we build technology that transforms how the world develops software. * Fortune 500® is a registered trademark of Fortune Media IP Limited, used under license. Claim based on GitLab data. Fortune 100 refers to the top 20% ranked companies in the 2025 Fortune 500 list, published in June 2025. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of GitLab. As a member of the Infrastructure Security Team within the Product Security Department you will work with teams across GitLab to ensure that the components that comprise our cloud infrastructure are built with the resiliency and security expectations that our customers depend on to power their software factories. We’re looking for an Intermediate Infrastructure Security Engineer to further our automation efforts in support of our GitLab Dedicated for Government product offering. You’ll have the opportunity to contribute to tooling that operates our FedRAMP environment, identify and develop remediations for infrastructure vulnerabilities, and partner with more senior engineers to review upcoming project architectures to ensure that they are built to the rigorous standards we hold. What you’ll do in this role: Support the Public Sector SRE team as a stable counterpart Identify and help mitigate security issues, misconfigurations, and vulnerabilities related to GitLab’s cloud, container and Kubernetes infrastructure Build tooling to increase our visibility into environments to expedite vulnerability detection Own efforts securing GitLab's FedRAMP environment Support other security teams as an Infrastructure SME Document best practices and remediations to help engineers learn from common vulnerability types Partner with senior engineers to review new architectures and projects and provide feedback cross-functionally Fulfill the Product Security Division Mission of securing GitLab Infrastructure with our own product (“dogfooding”) What you'll bring: Proof of U.S. citizenship and residency Hands-on experience with public cloud providers (ex. AWS, GCP, Azure) Development experience with Ruby, Python, Go Experience with Infrastructure-as-Code (IaC) tools (ex. Terraform, Ansible, Chef) Knowledge of the Linux operating system Familiarity with containers (Docker) and orchestration platforms (Kubernetes) An interest in Information Security Demonstrated experience working collaboratively with cross-functional teams. Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and can succinctly document technical details Share our values , and work in accordance with those values The base salary range for this role’s listed level is currently for residents of the United States only. This range is intended to reflect the role's base salary rate in locations throughout the US. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team memb ... (truncated, view full listing at source)