
Director of Engineering, Security Factory - Gitlab
Director of Engineering
Tap this card for salary charts and full compensation details.
Expand to unlock full salary context
See benchmark placement, pay-band comparison graph, and localized salary narrative.
Job Description
As Director of Engineering, Security Factory, you will lead the engineering organization responsible for GitLab’s customer-facing security capabilities across our AI-powered DevSecOps platform. You’ll help shape how customers detect, prioritize, and remediate vulnerabilities across modern software workflows by guiding teams that build proprietary scanners, AI-driven detection engines, agentic remediation flows, and supporting security foundations. Reporting to the VP of Engineering, Sec section, you’ll set the engineering vision and roadmap for a distributed group of nine teams, including engineering managers, and create the conditions for strong delivery, sound technical direction, and healthy team growth. Some examples of our projects include advanced proprietary scanners for Static Application Security Testing, Software Composition Analysis, Secret Detection, and related AI and machine learning detection engines. You’ll also lead agentic security flows for autofix and guided remediation, plus research that strengthens AI security, threat intelligence, vulnerability management, and security foundations. You’ll set the engineering vision and multi-quarter roadmap across teams working on proprietary scanners, AI-driven security workflows, research functions, vulnerability management, and security foundations. You’ll lead a distributed engineering organization of managers and individual contributors, with a focus on team performance, engagement, and career development. You’ll drive architectural decisions for AI and machine learning detection engines, agentic remediation flows, and scalable scanning infrastructure. Partner with product management to define priorities, shape requirements, and deliver security capabilities for customers in regulated and security-conscious environments. You’ll own the engineering delivery of GitLab’s proprietary application security scanners, agentic remediation workflows, and AI Security Research efforts. You’ll represent the Security Factory stage in cross-functional planning, executive reviews, security disclosures, and customer conversations. You’ll establish engineering standards for delivery, observability, incident response, scanner quality, and code quality. You’ll contribute to GitLab’s transparent, async-first way of working through issues, merge requests, and the GitLab handbook. You should have experience leading engineering organizations with multiple teams and managers in a distributed environment. A strong understanding of application security fundamentals, including Static Application Security Testing, Software Composition Analysis, secret detection, vulnerability management workflows, and software supply chain security, is required. Experience building detection, analysis, or scanning systems in a SaaS or DevSecOps environment, including trade-offs across precision, recall, latency, and scale, is essential. Direct experience shipping a customer-facing AI or machine learning product feature tied to detection or remediation quality outcomes is preferred. You should be able to partner closely with product management on roadmap planning, prioritization, and requirements in a product-led context. Strong written communication skills and comfort leading through clear documentation in a remote, async-first organization are necessary. A collaborative leadership style that supports teams, gives direct feedback, and aligns with GitLab’s values is important. Familiarity with agentic AI systems, AI agent orchestration, threat intelligence research, or open source security tooling is useful. About the team: The Security Factory builds customer-facing security capabilities of GitLab’s AI-powered DevSecOps platform, including nine teams working on proprietary scanners, AI detection, agentic remediation, research, vulnerability management, and security foundations. The team collaborates asynchronously across regions to improve detection quality, scale security workflows, and strengthen software supply chain security. Benefits include flexible paid time off, resource groups, equity compensation, growth funds, parental leave, and more. We welcome candidates with varying experience levels and from underrepresented groups. This role is remote and open to candidates in the UK and Israel.
Company Information
| Location | Active listings |
|---|---|
| Remote - Global | 161 |
| Remote - North America | 14 |
| Remote | 9 |
| Remote - EMEA | 5 |
| Remote - United States | 3 |
| Remote - Canada | 3 |
| Remote - Europe | 1 |
| Role type | Active listings |
|---|---|
| Backend Engineer | 23 |
| Solutions Architect | 9 |
| Product Manager | 8 |
| Software Engineer | 7 |
| Commercial Account Executive | 6 |
| Customer Success Manager | 5 |
| Human Resources Specialist | 5 |
| Sales Representative | 5 |
| Account Executive | 4 |
| Program Manager | 4 |
| Engineering Manager | 4 |
| Customer Success Engineer | 4 |
| New Business Account Executive | 4 |
| Regional Sales Director | 3 |
| Data Analyst | 3 |
| Strategic Account Executive | 3 |
| Regional Marketing Manager | 3 |
| Data Scientist | 2 |
| Field CTO | 2 |
| AI Engineer | 2 |
| Senior Manager | 2 |
| Site Reliability Engineer | 2 |
| Candidate Experience Specialist | 2 |
| Business Development Representative | 2 |
| Manager | 2 |
| Engagement Manager | 2 |
| Customer Experience Services Manager | 2 |
| Public Sector Strategic Account Executive | 1 |
| G&A Engineer | 1 |
| Legal Engineer | 1 |
| Product Design Manager | 1 |
| Solutions Architect Manager | 1 |
| Technical Program Manager | 1 |
| Technical Writing Director | 1 |
| Database Engineer | 1 |
| Data System Architect | 1 |
| Vice President | 1 |
| Contract Manager | 1 |
| Senior Engineering Manager | 1 |
| Software Engineering Manager | 1 |
| Enablement Lead | 1 |
| Executive Assistant | 1 |
| Procurement Analyst | 1 |
| Commercial Legal Counsel | 1 |
| Software Security Engineer | 1 |
| Ecosystem Sales Manager | 1 |
| Legal | 1 |
| Vice President of Engineering | 1 |
| Senior FP&A Analyst | 1 |
| Senior Recruiter | 1 |
| Sales Development | 1 |
| Financial Analyst | 1 |
| Support Manager | 1 |
| People Operations Partner | 1 |
| Infrastructure Security Engineer | 1 |
| Accounts Receivable Analyst | 1 |
| Customer Service Representative | 1 |
| Vice President, Legal Commercial | 1 |
| Renewals Director | 1 |
| Application Security Manager | 1 |
| Security Risk Management Engineer | 1 |
| Engineer | 1 |
| Director | 1 |
| Corporate Development Analyst | 1 |
| Customer Relationship Manager | 1 |
| Corporate Security Engineer | 1 |
| Project Manager | 1 |
| Architect | 1 |
| Product Marketing Manager | 1 |
| Sales Manager | 1 |
| Backend Developer | 1 |
| CPQ Developer | 1 |
| Field Strategist | 1 |
| Customer Success Architect | 1 |
| Stock Administrator | 1 |
| Infrastructure Security Manager | 1 |
| Program manager | 1 |
| Vice President, Data & Insights | 1 |
| Sales Development Representative | 1 |
| Researcher | 1 |
| Security Architect | 1 |
| Pricing Director | 1 |
| Public Sector Solutions Architect | 1 |
| Product Security Architecture Director | 1 |
| Principal Engineer | 1 |
| Business Development Executive | 1 |
| Major Account Executive | 1 |
| Executive Business Partner | 1 |
| HRIS Analyst | 1 |
| Product Management Specialist | 1 |
| Vulnerability Researcher | 1 |
| Security Engineer | 1 |
| Infrastructure Platforms Engineer | 1 |
| Data Architect | 1 |
| Professional Services Engineer | 1 |
| Enterprise Applications Engineer | 1 |
| Senior UX Researcher | 1 |
| Role level | Active listings |
|---|---|
| Mid-Level | 141 |
| Senior | 8 |
| Manager | 8 |
Gitlab appears in 196 indexed job postings in JobCrawls' Finland dataset since October 2023. In that historical index, the strongest location signals for this employer are Remote - Global, Remote - North America, and Remote.
Data shown is based on historical job postings from our database.
Job Details
Requirements
- Experience leading engineering organizations with multiple teams and managers in a distributed environment.
- Strong understanding of application security fundamentals, including Static Application Security Testing, Software Composition Analysis, secret detection, vulnerability management workflows, and software supply chain security.
- Experience building detection, analysis, or scanning systems in a SaaS or DevSecOps environment, including trade-offs across precision, recall, latency, and scale.
- Direct experience shipping a customer-facing AI or machine learning product feature tied to detection or remediation quality outcomes.
- Ability to partner closely with product management on roadmap planning, prioritization, and requirements in a product-led context.
- Strong written communication skills and comfort leading through clear documentation in a remote, async-first organization.
Education Level
None required