Information Security Officer responsible for safeguarding Alberta's information assets. Protecting data integrity while managing cybersecurity threats and vulnerabilities.
About the role
- Director of Engineering leading GitLab's Security Risk Management platform development for enterprise-scale vulnerability analysis. Focusing on high-performance distributed systems design and collaboration with cross-functional teams.
Responsibilities
- Drive the evolution of GitLab's Security Risk Management (SRM) stage into a world-class platform for vulnerability analysis and remediation at enterprise scale.
- Own the technical strategy for processing, analyzing, and remediating vulnerabilities across massive codebases and complex enterprise environments.
- Design distributed systems architecture capable of processing vulnerability data from thousands of repositories, millions of commits, and complex dependency graphs in real-time.
- Drive storage system decisions for multi-petabyte security datasets, balancing query performance, cost efficiency, and data retention requirements across time-series, graph, and document storage paradigms.
- Architect scalable analysis pipelines that can ingest vulnerability feeds, correlate findings across multiple security tools, and provide actionable intelligence to both security teams and individual developers.
- Lead the technical evolution from monolithic security scanning to microservices-based, event-driven vulnerability management systems.
- Champion high-performance systems thinking throughout the team, establishing patterns for horizontal scaling, efficient resource utilization, and fault-tolerant distributed computing.
- Establish technical standards for system observability, chaos engineering, and performance optimization in security-critical systems.
- Mentor and develop senior engineers in distributed systems design, database optimization, and large-scale system architecture.
- Drive architectural decision records (ADRs) for major technical decisions, particularly around data storage, processing frameworks, and system boundaries.
- Own the end-to-end user journey (in partnership with PM) for both AppSec professionals managing enterprise-wide risk and developers receiving actionable security feedback in their workflow.
- Design APIs and interfaces that abstract complexity while providing the power and flexibility that security professionals demand.
- Collaborate with Product Management, UX and Product Design to translate complex technical capabilities into intuitive user experiences.
- Establish feedback loops with large enterprise customers to ensure our technical solutions scale with their organizational complexity.
- Evaluate and integrate cutting-edge technologies in areas such as graph databases, stream processing, machine learning inference at scale, and distributed caching, in collaboration with GitLab’s Infrastructure, Data and AI teams.
- Own the technical roadmap for vulnerability correlation, risk scoring, and automated remediation workflows.
- Drive partnerships with other GitLab stages to ensure seamless integration across the DevSecOps platform.
- Lead incident response for availability and performance issues in customer-facing security systems.
Requirements
- 10+ years of software engineering experience with 5+ years leading distributed systems at scale (>100M daily operations)
- Deep expertise in designing and operating high-throughput, low-latency distributed systems with complex data models
- Proven experience with polyglot persistence strategies, including relational databases (PostgreSQL, Cloud Spanner), time-series databases, graph databases, and distributed key-value stores
- Strong background in stream processing frameworks (Apache Kafka, Apache Flink, or similar) and event-driven architectures
- Hands-on experience with container orchestration (Kubernetes) and cloud-native observability stacks
- Security domain knowledge with understanding of vulnerability assessment, static analysis, dependency scanning, or application security testing.
- Proven track record of leading and growing high-performing engineering teams (40+ engineers)
- Experience transforming engineering culture and establishing technical excellence standards in fast-growing organizations
- Strong technical communication skills with ability to present complex architectural decisions to executive stakeholders
- Collaborative leadership style with experience working across multiple engineering teams and product stakeholders
- Systems thinking approach to complex technical problems with demonstrated ability to make appropriate trade-offs between performance, scalability, and maintainability
- Experience with A/B testing frameworks and data-driven decision making in technical contexts
- Track record of successfully delivering large-scale technical migrations or architectural transformations
- Startup or high-growth company experience with ability to balance technical debt with rapid feature delivery.
Benefits
- Benefits to support your health, finances, and well-being
- Flexible Paid Time Off
- Team Member Resource Groups
- Equity Compensation & Employee Stock Purchase Plan
- Growth and Development Fund
- Parental leave
- Home office support
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Report this job
Found something wrong with the page? Please let us know by submitting a report below.
Information Security Officer responsible for safeguarding Alberta’s information assets. Join a team driving critical cybersecurity initiatives across the Government of Alberta.
Senior Security Data Scientist at Desjardins Group utilizing AI for security enhancements. Analyzing data to support security operations and methodologies development for comprehensive analytics.
Lead Security Governance and TPRM functions at Affirm, a fintech company. Drive policy frameworks and manage vendor risks to ensure operational maturity.
Senior Software Engineer developing Data Security platform services for Abnormal AI. Leading initiatives in security and privacy, ensuring safe data handling across products and ecosystems.
Senior Software Engineer developing AI - powered security products at Sophos. Owning end - to - end product development from idea to production across frontend, backend, and APIs.
IT consultant providing security assessments and IT infrastructure reviews. Focused on identifying risks and delivering recommendations for improvement across multiple domains.
Lead Security Engineer at US Mobile building systems for the 21st century with a focus on fraud prevention and security integration across SDLC.
Manager, Cybersecurity & IT Risk ensuring audits and risk management practices at CNB. Collaborating with teams to address cybersecurity and IT controls issues effectively.
Security Principal at Optiv designing AI security solutions for clients, leveraging advanced security services and technologies. Driving pipeline generation and maintaining strong client relationships as a trusted advisor.