Senior Security Engineer - Enterprise AI Security
We're looking for a Senior Security Engineer to lead security for GitLab's internal AI initiatives. You'll establish security frameworks for AI/ML systems used by our global workforce, ensuring responsible AI adoption while protecting against AI-specific threats.
What you'll do:
Design AI Security Architecture: Build comprehensive security frameworks for internal AI systems, including LLMs, productivity tools, and AI-powered business applications used by GitLab team members.
Secure Model Context Protocol (MCP) Implementations: Monitor and secure MCP server deployments, establish authentication standards, and implement monitoring for MCP interactions across internal tools and development environments
Manage Non-Human Identities: Architect identity management systems for AI agents, service accounts, and automated systems. Implement zero-trust principles and least-privilege access controls for machine-to-machine communications
Govern Internal AI Tool Usage: Secure employee use of AI assistants (ChatGPT, Claude, through DLP controls, monitoring, and policy enforcement while protecting intellectual property and confidential data.
Product & Product Security Collaboration: Work with our Product and Product Security teams as necessary on GitLab Duo and other internal use cases.
Implement Data Protection Controls: Prevent sensitive corporate data leakage through AI systems, establish data classification frameworks, and design privacy-preserving techniques for internal AI analytics
Drive Cross-Functional Collaboration: Partner with IT, Legal, Product, Product Security and business teams to enable secure AI adoption, provide security training, and evaluate new AI tools through procurement processes
What you'll bring:
5+ years information security experience with 2+ years in enterprise AI/ML security
Deep expertise in enterprise AI adoption, shadow IT risks, and data loss prevention
Strong experience with identity and access management, particularly non-human identity governance
Proven experience managing service accounts, API keys, certificates, secrets management, and automated system authentication
Proficiency in cloud security (AWS, GCP, Azure) and scripting (Python, Go, Ruby, Node.js)
Understanding of API security, OAuth, SAML, and modern authentication protocols
Excellent communication skills for GitLab's transparent, asynchronous, and global culture
Preferred Qualifications:
Experience with Model Context Protocol (MCP) and similar AI integration protocols
Hands-on experience managing enterprise AI deployments and governance programs
Knowledge of browser security, endpoint protection, and remote work security considerations
Experience with Enterprise AI platforms (OpenAI, Anthropic, Google Vertex AI, AWS Bedrock, etc)
Published research or contributions to enterprise AI security communities
How GitLab will support you
All remote, asynchronous work environment
Home office support
Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to assess your application.
The base salary range for this role’s listed level is currently for residents of listed locations only. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, and alignment with market data. See more information on our benefits and equity. Sales roles are also eligible for incentive pay targeted at up to 100% of the offered base salary.
California/Colorado/Hawaii/New Jersey/New York/Washington/DC/Illinois/Minnesota pay range
$124,300—$239,800 USD
About the job
Apply for this position
Senior Security Engineer - Enterprise AI Security
We're looking for a Senior Security Engineer to lead security for GitLab's internal AI initiatives. You'll establish security frameworks for AI/ML systems used by our global workforce, ensuring responsible AI adoption while protecting against AI-specific threats.
What you'll do:
Design AI Security Architecture: Build comprehensive security frameworks for internal AI systems, including LLMs, productivity tools, and AI-powered business applications used by GitLab team members.
Secure Model Context Protocol (MCP) Implementations: Monitor and secure MCP server deployments, establish authentication standards, and implement monitoring for MCP interactions across internal tools and development environments
Manage Non-Human Identities: Architect identity management systems for AI agents, service accounts, and automated systems. Implement zero-trust principles and least-privilege access controls for machine-to-machine communications
Govern Internal AI Tool Usage: Secure employee use of AI assistants (ChatGPT, Claude, through DLP controls, monitoring, and policy enforcement while protecting intellectual property and confidential data.
Product & Product Security Collaboration: Work with our Product and Product Security teams as necessary on GitLab Duo and other internal use cases.
Implement Data Protection Controls: Prevent sensitive corporate data leakage through AI systems, establish data classification frameworks, and design privacy-preserving techniques for internal AI analytics
Drive Cross-Functional Collaboration: Partner with IT, Legal, Product, Product Security and business teams to enable secure AI adoption, provide security training, and evaluate new AI tools through procurement processes
What you'll bring:
5+ years information security experience with 2+ years in enterprise AI/ML security
Deep expertise in enterprise AI adoption, shadow IT risks, and data loss prevention
Strong experience with identity and access management, particularly non-human identity governance
Proven experience managing service accounts, API keys, certificates, secrets management, and automated system authentication
Proficiency in cloud security (AWS, GCP, Azure) and scripting (Python, Go, Ruby, Node.js)
Understanding of API security, OAuth, SAML, and modern authentication protocols
Excellent communication skills for GitLab's transparent, asynchronous, and global culture
Preferred Qualifications:
Experience with Model Context Protocol (MCP) and similar AI integration protocols
Hands-on experience managing enterprise AI deployments and governance programs
Knowledge of browser security, endpoint protection, and remote work security considerations
Experience with Enterprise AI platforms (OpenAI, Anthropic, Google Vertex AI, AWS Bedrock, etc)
Published research or contributions to enterprise AI security communities
How GitLab will support you
All remote, asynchronous work environment
Home office support
Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to assess your application.
The base salary range for this role’s listed level is currently for residents of listed locations only. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, and alignment with market data. See more information on our benefits and equity. Sales roles are also eligible for incentive pay targeted at up to 100% of the offered base salary.
California/Colorado/Hawaii/New Jersey/New York/Washington/DC/Illinois/Minnesota pay range
$124,300—$239,800 USD