Engineering Manager, Software Supply Chain Security: Pipeline Security

Remote, Canada; Remote, Israel; Remote, Netherlands; Remote, United Kingdom; Remote, USRemotePosted February 5, 2026

Resume Keywords to Include

Make sure these keywords appear in your resume to improve ATS scoring

GitLabCI/CDDevOps

Job Description

GitLab is an open-core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Our mission is to enable everyone to contribute to and co-create the software that powers our world. When everyone can contribute, consumers become contributors, significantly accelerating human progress. Our platform unites teams and organizations, breaking down barriers and redefining what's possible in software development. Thanks to products like Duo Enterprise and Duo Agent Platform, customers get AI benefits at every stage of the SDLC.

The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier, with all team members expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact. GitLab is where careers accelerate, innovation flourishes, and every voice is valued. Our high-performance culture is driven by our values and continuous knowledge exchange, enabling our team members to reach their full potential while collaborating with industry leaders to solve complex problems. Co-create the future with us as we build technology that transforms how the world develops software.

An overview of this role

As the Engineering Manager, Software Supply Chain Security: Pipeline Security, you’ll lead a team that makes GitLab CI pipelines more secure and trustworthy for thousands of organizations. You’ll guide the design and delivery of Software Supply Chain Security features, with a primary focus on CI job artifact security. This includes implementing the SLSA (Supply-chain Levels for Software Artifacts) framework in GitLab CI/CD and integrating related capabilities like SBOM, software composition analysis, and vulnerability management. You’ll treat your team as your product, safeguarding team health, hiring and developing a high-performing group of engineers, and collaborating closely with Product Management and Security to deliver on roadmap commitments. Together, you’ll improve how users protect their software supply chains in their first year and beyond.

Some examples of our projects:

What you’ll do

Lead a team of engineers building Software Supply Chain Security features with a focus on CI job artifact security.
Guide the design and implementation of SLSA (Supply-chain Levels for Software Artifacts) compliance within GitLab CI/CD pipelines.
Collaborate with Product Managers to define, prioritize, and deliver the roadmap for supply chain security capabilities.
Partner with Security team members to ensure new and existing features meet GitLab’s security standards and align with best practices.
Stay current with software supply chain security standards and tools, including SLSA, SBOM, software composition analysis, and vulnerability management. Translate what you learn into actionable product improvements.
Educate and advocate for supply chain security best practices across engineering teams to drive adoption of secure patterns in CI pipelines.
Represent the Pipeline Security team in cross-functional initiatives and, when appropriate, in external industry forums focused on software supply chain security.
Drive continuous improvement in team health, delivery predictability, and documentation quality for pipeline and supply chain security features.