Intermediate Backend Engineer, Security Risk Management: Security Insights (Ruby)

An overview of this role

As a Backend Engineer in Security Insights, you will be working on vulnerability management features used daily by software engineers, application security engineers, and all the way up to CISOs. Our aim is to enable everyone to easily understand risk and mitigation of software exploits. All sizes of customers use our product offering, so this means we need to build systems that scale effectively while enabling our customers to achieve their goals efficiently.

You will join a full stack team, working together with product managers, designers, and frontend engineers to solve problems across the Security Insights domain.

What You’ll Do  

• Develop vulnerability management features and improvements to the GitLab product in a secure, well-tested, and performant way
• Collaborate with Product Management and other stakeholders within Engineering to maintain a high bar for quality
• Advocate for improvements to product quality, security, and performance
• Craft code that meets our internal standards for style, maintainability, and best practices for a high-scale web environment
• Conduct code reviews within our Code Review Guidelines and ensure community contributions receive a swift response
• Recognize impediments to our efficiency as a team ("technical debt"), propose and implement solutions
• Confidently ship features and improvements with minimal guidance and support from other team members; collaborate with the team on larger projects.
• Participate in on-call rotations to assist troubleshooting product operations, security operations, and urgent engineering issues.

What You’ll Bring 

• Significant professional experience with Ruby on Rails
• Strong experience with relational databases (postgres preferred).
• Demonstrated capacity to clearly and concisely communicate about complex technical, architectural, and/or organizational problems and propose thorough iterative solutions
• Experience with performance and optimization problems and a demonstrated ability to both diagnose and prevent these problems
• Comfort working in a highly agile, intensely iterative software development process
• Effective communication skills: Regularly achieve consensus with peers, provide clear and consistent status updates, with a positive and solution-oriented mindset.
• Experience owning a project from concept to production, including proposal, discussion, and execution
• Self-motivated and self-managing, with strong organizational skills

About the team

Security Insights is part of our Security Risk Management DevSecOps stage, and is specifically responsible for the Vulnerability Management category. Vulnerability management is the process of identifying, prioritizing, and tracking vulnerabilities in assets and applications. At its very simplest, vulnerability management aims to help security professionals efficiently and effectively determine what weaknesses to address in what order.

More information about our team:

• Engineering sub-department handbook page
• How we do planning
• Priorities and Planning epic

• Benefits to support your health, finances, and well-being
• All remote, asynchronous work environment
• Flexible Paid Time Off
• Team Member Resource Groups
• Equity Compensation & Employee Stock Purchase Plan
• Growth and development budget 
• Parental leave 
• Home office support

Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to assess your application.