Associate Security Engineer - Application Security
An overview of this role
The Application Security team works with GitLab engineers and product teams to anticipate and prevent the introduction of vulnerabilities during design and development, ensuring delivery of high quality software GitLab customers can trust.
What you'll do
Assist with security-focused code reviews and threat models under guidance from senior team members
Manage triage of inbound new issues
Support product and development teams in basic application security activities
Help reproduce and document application security vulnerabilities clearly and constructively
Participate in bug bounty program triage and initial assessment
Support security release preparation activities
Contribute to documentation and security process improvements
What you’ll bring:
Ability to use GitLab effectively
Basic development or scripting experience (Ruby, Ruby on Rails, TypeScript, JavaScript, and/or Go preferred), and an ability to read and understand code for security review purposes
Foundational understanding of common security vulnerabilities and security impact frameworks (e.g., OWASP Top 10, STRIDE)
Basic familiarity with security tools and concepts
Strong written and verbal communication skills, and a collaborative mindset that enables you to work well with software development teams
Ability to learn quickly and adapt to new technologies
Bachelor's degree in Computer Science, Information Security, or related field, or equivalent practical experience
0-2 years of experience in application security, software development, or related field
Basic understanding of software development lifecycle processes
Nice to Have:
Familiarity with common security frameworks and standards (CVE, CWE, CVSS, etc)
How GitLab will support you
All remote, asynchronous work environment
Home office support
Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to assess your application.
The base salary range for this role’s listed level is currently for residents of listed locations only. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, and alignment with market data. See more information on our benefits and equity. Sales roles are also eligible for incentive pay targeted at up to 100% of the offered base salary.
California/Colorado/Hawaii/New Jersey/New York/Washington/DC/Illinois/Minnesota pay range
$82,900—$125,800 USD
About the job
Apply for this position
Associate Security Engineer - Application Security
An overview of this role
The Application Security team works with GitLab engineers and product teams to anticipate and prevent the introduction of vulnerabilities during design and development, ensuring delivery of high quality software GitLab customers can trust.
What you'll do
Assist with security-focused code reviews and threat models under guidance from senior team members
Manage triage of inbound new issues
Support product and development teams in basic application security activities
Help reproduce and document application security vulnerabilities clearly and constructively
Participate in bug bounty program triage and initial assessment
Support security release preparation activities
Contribute to documentation and security process improvements
What you’ll bring:
Ability to use GitLab effectively
Basic development or scripting experience (Ruby, Ruby on Rails, TypeScript, JavaScript, and/or Go preferred), and an ability to read and understand code for security review purposes
Foundational understanding of common security vulnerabilities and security impact frameworks (e.g., OWASP Top 10, STRIDE)
Basic familiarity with security tools and concepts
Strong written and verbal communication skills, and a collaborative mindset that enables you to work well with software development teams
Ability to learn quickly and adapt to new technologies
Bachelor's degree in Computer Science, Information Security, or related field, or equivalent practical experience
0-2 years of experience in application security, software development, or related field
Basic understanding of software development lifecycle processes
Nice to Have:
Familiarity with common security frameworks and standards (CVE, CWE, CVSS, etc)
How GitLab will support you
All remote, asynchronous work environment
Home office support
Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to assess your application.
The base salary range for this role’s listed level is currently for residents of listed locations only. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, and alignment with market data. See more information on our benefits and equity. Sales roles are also eligible for incentive pay targeted at up to 100% of the offered base salary.
California/Colorado/Hawaii/New Jersey/New York/Washington/DC/Illinois/Minnesota pay range
$82,900—$125,800 USD