GitLab

Engineering Manager, Software Supply Chain Security: Pipeline Security

remote | senior | full-time | $131,600-$282,000 USD | Remote, Canada; Remote, Israel; Remote, Netherlands; Remote, United Kingdom; Remote, US

First indexed 18 Jun 2026

Description

GitLab is seeking an Engineering Manager, Software Supply Chain Security: Pipeline Security to lead a team that makes GitLab CI pipelines more secure and trustworthy for thousands of organizations.

The successful candidate will guide the design and delivery of Software Supply Chain Security features, focusing on CI job artifact security, implementing the SLSA framework in GitLab CI/CD, and integrating related capabilities like SBOM, software composition analysis, and vulnerability management.

Responsibilities:

  • Lead a team of engineers building Software Supply Chain Security features with a focus on CI job artifact security.
  • Guide the design and implementation of SLSA compliance within GitLab CI/CD pipelines.
  • Collaborate with Product Managers to define, prioritize, and deliver the roadmap for supply chain security capabilities.
  • Partner with Security team members to ensure new and existing features meet GitLab's security standards and align with best practices.
  • Stay current with software supply chain security standards and tools, including SLSA, SBOM, software composition analysis, and vulnerability management.
  • Educate and advocate for supply chain security best practices across engineering teams.
  • Represent the Pipeline Security team in cross-functional initiatives and external industry forums.
  • Drive continuous improvement in team health, delivery predictability, and documentation quality.

Requirements:

  • Experience leading and developing engineering teams, with a focus on building secure, reliable product features.
  • Practical knowledge of software supply chain security concepts, tools, and industry standards.
  • Understanding of the SLSA framework and how to apply it in CI/CD pipelines.
  • Familiarity with software artifact provenance, attestation, and verification techniques.
  • Knowledge of secure software development practices, including container security, software composition analysis, and vulnerability management.
  • Experience working with CI/CD systems and their security considerations.

Benefits:

  • Benefits to support health, finances, and well-being
  • Flexible Paid Time Off
  • Team Member Resource Groups
  • Equity Compensation & Employee Stock Purchase Plan
  • Growth and Development Fund
  • Parental leave
  • Home office support
This listing is enriched and indexed by YubHub. To apply, use the employer's original posting: https://job-boards.greenhouse.io/gitlab/jobs/8339221002