Senior Professional Services Engineer - Security
Professional Services Engineers engage with customers to provide installation, migration, training, and advisory services. They handle installations ranging from single-node Omnibus installs to our largest reference architectures utilizing IaC/CaC, migrations from multiple systems to GitLab SaaS or self-hosted, and advisory services across the entire GitLab feature stack.
Professional Services Engineers are expected to be able to interface not only with the customer, but with our GitLab Product/Engineering teams, to find the best route for customer success, and to help drive improvements into GitLab features and processes.
What you'll do
Technical Delivery
Design and implement secure GitLab solutions for Professional Services customer engagements from inception through delivery
Ensure security compliance and best practices throughout the software development lifecycle
Conduct security risk assessments and threat modeling for customer implementations
Stay current with security threats, compliance requirements, and GitLab security features (Product Security Risk Register)
Validate security controls and monitoring requirements are properly implemented
Implement migrations between security scanning tools (e.g., SonarQube, Checkmarx, Veracode to GitLab Security Scanners)
Customer Engagement
Lead technical discovery sessions with security focus, understanding customer's compliance needs
Ensure deliverables meet customer security and compliance expectations
Coordinate and perform security implementation activities across internal teams, partners, and customers
Knowledge Sharing and Practice Contributions
Mentor PS and partner consultants on security best practices and implementation strategies
Create security-focused documentation, delivery kits, and training materials
Review and contribute to PS security training materials and presentations
Develop security case studies, methodologies, and internal processes
Hold security enablement sessions for PS team members
Cross-functional Collaboration
Provide input to GitLab Security teams on product security features and roadmap
Liaise with Training, Development, Support, and Product teams on security matters
Support Delivery Managers with security aspects of:
Technical vetting of partner consultants
New hire candidate evaluation
Support Program Managers with forecast and timeline estimates
What you'll bring
Technical Expertise
Demonstrated experience in:
Security architecture and implementation
DevSecOps practices and tools
SCM migration with security controls
Secure cloud architecture and infrastructure
Configuration and Infrastructure as Code tools (Ansible, Terraform, etc)
CI/CD security integration
GitLab security features and capabilities
Security tool migration and transformation
Planning and executing security tool migrations
Mapping security findings between platforms
Managing dismissed/accepted risk findings
Building migration validation frameworks
Security & Compliance
Knowledge of security frameworks and standards:
ISO 27001, NIST 800-53, SOC2
GDPR, FedRAMP
Familiar with AI RMF, ISO 42001 is a bonus
Understanding of current security threats:
Ransomware protection
Supply chain security
AI-related security risks
Zero-trust architecture
Professional Experience
8+ years of progressive experience in:
Technical consulting
Enterprise software development
DevSecOps platform implementation
Security program development
Bachelor's Degree in Computer Science, Information Security, or equivalent experience
Security / Cloud certifications preferred (CISSP, CISM, AWS Certified Security or similar)
Soft Skills
Excellent written and verbal communication skills
Strong presentation and customer-facing abilities
Demonstrated problem-solving and decision-making capabilities
Effective project and time management skills
Leadership experience in security contexts
Ability to influence and drive security adoption
Strong organizational and multi-tasking abilities
Experience mentoring teams on security best practices
Track record of developing security service offerings
Ability to drive security transformation initiatives
Experience with security vendor assessment and integration
History of contributing to security community and thought leadership
How GitLab will support you
All remote, asynchronous work environment
Flexible PTO (paid time off)
Home office support
The base salary range for this role’s listed level is currently for residents of listed locations only. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, and alignment with market data. See more information on our benefits and equity. Sales roles are also eligible for incentive pay targeted at up to 100% of the offered base salary.
California/Colorado/Hawaii/New Jersey/New York/Washington/DC/Illinois/Minnesota pay range
$128,520—$226,800 USD
About the job
Apply for this position
Senior Professional Services Engineer - Security
Professional Services Engineers engage with customers to provide installation, migration, training, and advisory services. They handle installations ranging from single-node Omnibus installs to our largest reference architectures utilizing IaC/CaC, migrations from multiple systems to GitLab SaaS or self-hosted, and advisory services across the entire GitLab feature stack.
Professional Services Engineers are expected to be able to interface not only with the customer, but with our GitLab Product/Engineering teams, to find the best route for customer success, and to help drive improvements into GitLab features and processes.
What you'll do
Technical Delivery
Design and implement secure GitLab solutions for Professional Services customer engagements from inception through delivery
Ensure security compliance and best practices throughout the software development lifecycle
Conduct security risk assessments and threat modeling for customer implementations
Stay current with security threats, compliance requirements, and GitLab security features (Product Security Risk Register)
Validate security controls and monitoring requirements are properly implemented
Implement migrations between security scanning tools (e.g., SonarQube, Checkmarx, Veracode to GitLab Security Scanners)
Customer Engagement
Lead technical discovery sessions with security focus, understanding customer's compliance needs
Ensure deliverables meet customer security and compliance expectations
Coordinate and perform security implementation activities across internal teams, partners, and customers
Knowledge Sharing and Practice Contributions
Mentor PS and partner consultants on security best practices and implementation strategies
Create security-focused documentation, delivery kits, and training materials
Review and contribute to PS security training materials and presentations
Develop security case studies, methodologies, and internal processes
Hold security enablement sessions for PS team members
Cross-functional Collaboration
Provide input to GitLab Security teams on product security features and roadmap
Liaise with Training, Development, Support, and Product teams on security matters
Support Delivery Managers with security aspects of:
Technical vetting of partner consultants
New hire candidate evaluation
Support Program Managers with forecast and timeline estimates
What you'll bring
Technical Expertise
Demonstrated experience in:
Security architecture and implementation
DevSecOps practices and tools
SCM migration with security controls
Secure cloud architecture and infrastructure
Configuration and Infrastructure as Code tools (Ansible, Terraform, etc)
CI/CD security integration
GitLab security features and capabilities
Security tool migration and transformation
Planning and executing security tool migrations
Mapping security findings between platforms
Managing dismissed/accepted risk findings
Building migration validation frameworks
Security & Compliance
Knowledge of security frameworks and standards:
ISO 27001, NIST 800-53, SOC2
GDPR, FedRAMP
Familiar with AI RMF, ISO 42001 is a bonus
Understanding of current security threats:
Ransomware protection
Supply chain security
AI-related security risks
Zero-trust architecture
Professional Experience
8+ years of progressive experience in:
Technical consulting
Enterprise software development
DevSecOps platform implementation
Security program development
Bachelor's Degree in Computer Science, Information Security, or equivalent experience
Security / Cloud certifications preferred (CISSP, CISM, AWS Certified Security or similar)
Soft Skills
Excellent written and verbal communication skills
Strong presentation and customer-facing abilities
Demonstrated problem-solving and decision-making capabilities
Effective project and time management skills
Leadership experience in security contexts
Ability to influence and drive security adoption
Strong organizational and multi-tasking abilities
Experience mentoring teams on security best practices
Track record of developing security service offerings
Ability to drive security transformation initiatives
Experience with security vendor assessment and integration
History of contributing to security community and thought leadership
How GitLab will support you
All remote, asynchronous work environment
Flexible PTO (paid time off)
Home office support
The base salary range for this role’s listed level is currently for residents of listed locations only. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, and alignment with market data. See more information on our benefits and equity. Sales roles are also eligible for incentive pay targeted at up to 100% of the offered base salary.
California/Colorado/Hawaii/New Jersey/New York/Washington/DC/Illinois/Minnesota pay range
$128,520—$226,800 USD