Sr., Professional Services Engineer - Security - United States

Professional Services Engineers engage with customers to provide installation, migration, training, and advisory services. They handle installations ranging from single-node Omnibus installs to our largest reference architectures utilizing IaC/CaC, migrations from multiple systems to GitLab SaaS or self-hosted, and advisory services across the entire GitLab feature stack.

Professional Services Engineers are expected to be able to interface not only with the customer, but with our GitLab Product/Engineering teams, to find the best route for customer success, and to help drive improvements into GitLab features and processes.

What you'll do

• Technical Delivery
  
• Design and implement secure GitLab solutions for Professional Services customer engagements from inception through delivery
• Ensure security compliance and best practices throughout the software development lifecycle
• Conduct security risk assessments and threat modeling for customer implementations
• Stay current with security threats, compliance requirements, and GitLab security features (Product Security Risk Register)
• Validate security controls and monitoring requirements are properly implemented
• Implement migrations between security scanning tools (e.g., SonarQube, Checkmarx, Veracode to GitLab Security Scanners)
• Customer Engagement
  
• Lead technical discovery sessions with security focus, understanding customer's compliance needs
• Ensure deliverables meet customer security and compliance expectations
• Coordinate and perform security implementation activities across internal teams, partners, and customers
• Knowledge Sharing and Practice Contributions
  
• Mentor PS and partner consultants on security best practices and implementation strategies
• Create security-focused documentation, delivery kits, and training materials
• Review and contribute to PS security training materials and presentations
• Develop security case studies, methodologies, and internal processes
• Hold security enablement sessions for PS team members
• Cross-functional Collaboration
  
• Provide input to GitLab Security teams on product security features and roadmap
• Liaise with Training, Development, Support, and Product teams on security matters
• Support Delivery Managers with security aspects of:
• Technical vetting of partner consultants
• New hire candidate evaluation
• Support Program Managers with forecast and timeline estimates

What you'll bring

• Technical Expertise
  
• Demonstrated experience in:
• Security architecture and implementation
• DevSecOps practices and tools
• SCM migration with security controls
• Secure cloud architecture and infrastructure
• Configuration and Infrastructure as Code tools (Ansible, Terraform, etc)
• CI/CD security integration
• GitLab security features and capabilities
• Security tool migration and transformation
• Planning and executing security tool migrations
• Mapping security findings between platforms
• Managing dismissed/accepted risk findings
• Building migration validation frameworks
• Security & Compliance
  
• Knowledge of security frameworks and standards:
• ISO 27001, NIST 800-53, SOC2
• GDPR, FedRAMP
• Familiar with AI RMF, ISO 42001 is a bonus
• Understanding of current security threats:
• Ransomware protection
• Supply chain security
• AI-related security risks
• Zero-trust architecture
• Professional Experience
  
• 8+ years of progressive experience in:
• Technical consulting
• Enterprise software development
• DevSecOps platform implementation
• Security program development
• Bachelor's Degree in Computer Science, Information Security, or equivalent experience
• Security / Cloud certifications preferred (CISSP, CISM, AWS Certified Security or similar)
• Soft Skills
  
• Excellent written and verbal communication skills
• Strong presentation and customer-facing abilities
• Demonstrated problem-solving and decision-making capabilities
• Effective project and time management skills
• Leadership experience in security contexts
• Ability to influence and drive security adoption
• Strong organizational and multi-tasking abilities
• Experience mentoring teams on security best practices
• Track record of developing security service offerings
• Ability to drive security transformation initiatives
• Experience with security vendor assessment and integration
• History of contributing to security community and thought leadership

How GitLab will support you

• Benefits to support your health, finances, and well-being
• All remote, asynchronous work environment
• Flexible PTO (paid time off)
• Team Member Resource Groups
• Equity Compensation & Employee Stock Purchase Plan
• Growth and development budget 
• Parental leave
• Home office support