Engineering Manager - Software Supply Chain Security: Auth Infrastructure
An overview of this role
As an Engineering Manager for the Auth Infrastructure team at GitLab, you’ll lead a distributed group of engineers building the core infrastructure that powers authentication and authorization across all GitLab deployment models. You’ll focus on secure, performant, and reliable identity services at global scale, enabling our move toward a zero-trust architecture and a more modular, microservices-based platform. While you’ll bring deep technical experience with distributed systems, proxy technologies, infrastructure security, and languages like Go or Rust, your primary impact will come from building and supporting a healthy team, hiring and developing great talent, and partnering closely with Authentication, Authorization, Platform, Infrastructure, Cells Architecture, and Runner teams to ensure the auth infrastructure layer meets their needs. In your first year, you’ll be instrumental in shaping the foundation of GitLab’s Identity and Access Management services, from Envoy-based proxy layers and token services to policy decision infrastructure that serves millions of requests per second across GitLab.com, self-managed, Dedicated, and air-gapped environments.
Some examples of our projects:
Designing and operating an Envoy-based proxy layer that handles millions of authentication requests per second with mTLS, short-lived certificates, and service mesh patterns
Delivering zero-downtime migrations of authentication infrastructure and resilient token services that enable policy-based authorization at scale
What you’ll do
Lead the Auth Infrastructure engineering team, setting clear direction, enabling strong execution, and supporting team health and growth
Drive the design and implementation of GitLab’s authentication infrastructure, including Envoy proxy configuration, token services, and policy decision components
Solve complex infrastructure challenges such as bi-directional gRPC tunnels, mTLS implementation, short-lived certificate management, and service mesh architecture
Ensure the authentication infrastructure reliably supports all GitLab deployment models, including GitLab.com, self-managed, Dedicated, and air-gapped environments
Lead performance optimization efforts for authentication and authorization at scale, focusing on low-latency, high-throughput decision making
Develop and maintain robust monitoring, observability, and debugging capabilities for distributed authentication systems
Collaborate closely with Authentication, Authorization, Platform, Infrastructure, Cells Architecture, and Runner teams to align infrastructure capabilities with their needs and ensure seamless integration
Hire, mentor, and develop engineers, and build processes that support sustainable delivery and continuous improvement within the Auth Infrastructure team
What you’ll bring
Experience leading and developing infrastructure-focused engineering teams, with a focus on distributed systems and reliability
Proficiency with proxy and edge routing technologies such as Envoy, Traefik, HAProxy, or nginx, including design and configuration at scale
Hands-on background in Go and/or Rust for building and operating high-performance backend or infrastructure services
Familiarity with service mesh architectures, mTLS, and zero-trust networking concepts, including short-lived certificates and secure tunnels (for example, gRPC)
Understanding of token and identity systems such as JWT or Macaroons, including cryptographic signing, key management, and integration with authentication flows
Experience with database and storage technologies such as RDS, Google Spanner, Postgres, or similar, and how they support authentication workloads
Knowledge of Kubernetes, container orchestration, and cloud-native deployment patterns, including observability, debugging, and performance optimization for distributed systems
Experience with infrastructure automation, CI/CD, and GitOps practices, and an interest in applying transferable skills from related domains or backgrounds to authentication infrastructure work
About the team
The Auth Infrastructure team at GitLab is one of three authentication-focused teams within GitLab’s Software Supply Chain Security stage, and we are responsible for the infrastructure foundation that powers authentication and authorization across all GitLab deployment models. Our team is composed of distributed systems and infrastructure engineers working asynchronously across regions, collaborating closely with the Authentication and Authorization teams for product requirements and integration, the Platform and Infrastructure teams for deployment and operations, the Cells Architecture team for multi-tenant routing and isolation, and the Runner team for CI/CD authentication needs. We focus on solving complex challenges such as building and operating a proxy layer that can handle millions of requests per second, enabling zero-downtime migrations of authentication infrastructure, designing resilient token and identity services, and establishing the core building blocks for policy-based authorization at global scale.
The base salary range for this role’s listed level is currently for residents of the United States only. This range is intended to reflect the role's base salary rate in locations throughout the US. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, alignment with market data, and geographic location. The base salary range does not include any bonuses, equity, or benefits. See more information on our benefits and equity. Sales roles are also eligible for incentive pay targeted at up to 100% of the offered base salary.
United States Salary Range
$131,600—$282,000 USD
About the job
Apply for this position
Engineering Manager - Software Supply Chain Security: Auth Infrastructure
An overview of this role
As an Engineering Manager for the Auth Infrastructure team at GitLab, you’ll lead a distributed group of engineers building the core infrastructure that powers authentication and authorization across all GitLab deployment models. You’ll focus on secure, performant, and reliable identity services at global scale, enabling our move toward a zero-trust architecture and a more modular, microservices-based platform. While you’ll bring deep technical experience with distributed systems, proxy technologies, infrastructure security, and languages like Go or Rust, your primary impact will come from building and supporting a healthy team, hiring and developing great talent, and partnering closely with Authentication, Authorization, Platform, Infrastructure, Cells Architecture, and Runner teams to ensure the auth infrastructure layer meets their needs. In your first year, you’ll be instrumental in shaping the foundation of GitLab’s Identity and Access Management services, from Envoy-based proxy layers and token services to policy decision infrastructure that serves millions of requests per second across GitLab.com, self-managed, Dedicated, and air-gapped environments.
Some examples of our projects:
Designing and operating an Envoy-based proxy layer that handles millions of authentication requests per second with mTLS, short-lived certificates, and service mesh patterns
Delivering zero-downtime migrations of authentication infrastructure and resilient token services that enable policy-based authorization at scale
What you’ll do
Lead the Auth Infrastructure engineering team, setting clear direction, enabling strong execution, and supporting team health and growth
Drive the design and implementation of GitLab’s authentication infrastructure, including Envoy proxy configuration, token services, and policy decision components
Solve complex infrastructure challenges such as bi-directional gRPC tunnels, mTLS implementation, short-lived certificate management, and service mesh architecture
Ensure the authentication infrastructure reliably supports all GitLab deployment models, including GitLab.com, self-managed, Dedicated, and air-gapped environments
Lead performance optimization efforts for authentication and authorization at scale, focusing on low-latency, high-throughput decision making
Develop and maintain robust monitoring, observability, and debugging capabilities for distributed authentication systems
Collaborate closely with Authentication, Authorization, Platform, Infrastructure, Cells Architecture, and Runner teams to align infrastructure capabilities with their needs and ensure seamless integration
Hire, mentor, and develop engineers, and build processes that support sustainable delivery and continuous improvement within the Auth Infrastructure team
What you’ll bring
Experience leading and developing infrastructure-focused engineering teams, with a focus on distributed systems and reliability
Proficiency with proxy and edge routing technologies such as Envoy, Traefik, HAProxy, or nginx, including design and configuration at scale
Hands-on background in Go and/or Rust for building and operating high-performance backend or infrastructure services
Familiarity with service mesh architectures, mTLS, and zero-trust networking concepts, including short-lived certificates and secure tunnels (for example, gRPC)
Understanding of token and identity systems such as JWT or Macaroons, including cryptographic signing, key management, and integration with authentication flows
Experience with database and storage technologies such as RDS, Google Spanner, Postgres, or similar, and how they support authentication workloads
Knowledge of Kubernetes, container orchestration, and cloud-native deployment patterns, including observability, debugging, and performance optimization for distributed systems
Experience with infrastructure automation, CI/CD, and GitOps practices, and an interest in applying transferable skills from related domains or backgrounds to authentication infrastructure work
About the team
The Auth Infrastructure team at GitLab is one of three authentication-focused teams within GitLab’s Software Supply Chain Security stage, and we are responsible for the infrastructure foundation that powers authentication and authorization across all GitLab deployment models. Our team is composed of distributed systems and infrastructure engineers working asynchronously across regions, collaborating closely with the Authentication and Authorization teams for product requirements and integration, the Platform and Infrastructure teams for deployment and operations, the Cells Architecture team for multi-tenant routing and isolation, and the Runner team for CI/CD authentication needs. We focus on solving complex challenges such as building and operating a proxy layer that can handle millions of requests per second, enabling zero-downtime migrations of authentication infrastructure, designing resilient token and identity services, and establishing the core building blocks for policy-based authorization at global scale.
The base salary range for this role’s listed level is currently for residents of the United States only. This range is intended to reflect the role's base salary rate in locations throughout the US. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, alignment with market data, and geographic location. The base salary range does not include any bonuses, equity, or benefits. See more information on our benefits and equity. Sales roles are also eligible for incentive pay targeted at up to 100% of the offered base salary.
United States Salary Range
$131,600—$282,000 USD