Rodeo
ResourcesPartnersSign in

GitLab

Director of Engineering, Security Factory

Remote, Israel
Posted 3 days ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Director of Engineering, Security Factory

Director of Engineering, Security Factory

GitLab is the intelligent orchestration platform for DevSecOps. GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 50 million registered users, and over 50% of the Fortune 100 trust us to ship better, more secure software faster.

The same principles built into our products reflect how our team works: we embrace AI as a core productivity multiplier, with team members expected to integrate AI into their workflows daily for efficiency, innovation, and impact. Here, careers accelerate, innovation thrives, and every voice is valued. GitLab’s high-performance culture is driven by its values and continuous knowledge exchange, enabling teams to reach their full potential.

OTTO—co-create the future with us as we build transformative software development technology.

Fortune 500® is a registered trademark of Fortune Media IP Limited, used under license. Fortune 100 refers to the top 20% ranked companies in the 2025 Fortune 500 list (published in June 2025).


About the Role

As Director of Engineering, Security Factory, you will lead the engineering organization responsible for GitLab’s customer-facing security capabilities across our AI-powered DevSecOps platform. You’ll shape how customers detect, prioritize, and remediate vulnerabilities in modern software workflows, working with teams that build:

  • Proprietary scanners for Static Application Security Testing, Software Composition Analysis (SCA), and Secret Detection
  • AI and machine learning-driven detection engines
  • Agentic remediation flows
  • Security foundations

Reporting to the VP of Engineering, Sec section, you’ll set the engineering vision and roadmap for a distributed group of nine teams, including engineering managers, ensuring strong delivery, technical direction, and healthy team growth.


What You’ll Do

Engineering Leadership & Strategy

  • Set the engineering vision and multi-quarter roadmap across teams focusing on proprietary scanners, AI-driven security workflows, research, vulnerability management, and security foundations.
  • Lead a distributed engineering organization, prioritizing team performance, engagement, and career development.
  • Drive architectural decisions for AI/ML detection engines, agentic remediation flows, and scalable scanning infrastructure.

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

Product & Cross-Functional Collaboration

  • Partner with product management to define priorities, shape requirements, and deliver security capabilities for regulated customers.
  • Ensure customer-facing solutions, including scanners, agentic remediation workflows, and AI Security Research.

Representation & Coordination

  • Represent Security Factory in cross-functional planning, executive reviews, security disclosures, and customer engagements.

Operational Governance

  • Establish engineering standards for delivery, observability, incident response, scanner quality, and code quality.
  • Contribute to GitLab’s transparent, async-first working culture through issues, merge requests, and the GitLab Handbook.

What You’ll Bring

Leadership Experience

  • Proven experience leading engineering organizations (including multiple teams and managers) in a distributed environment.
  • Collaborative leadership that supports teams, offers direct feedback, and aligns with GitLab’s values.

Technical Depth

  • Strong understanding of application security fundamentals:
    • Static Application Security Testing (SAST), Software Composition Analysis (SCA)
    • Secret detection, vulnerability management workflows
    • Software supply chain security
  • Experience building detection, analysis, or scanning systems in a SaaS or DevSecOps context, considering trade-offs like precision, recall, latency, and scale.
  • Direct experience shipping a customer-facing AI/ML product feature tied to detection or remediation quality.

Business & Communication

  • Ability to partner with product management on roadmap planning, prioritization, and requirements in a product-led context.
  • Strong writing skills and comfort with async communication in a remote-first organization.

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

Preferred (Not Required)

  • Familiarity with agentic AI systems, AI agent orchestration, or threat intelligence research.
  • Open-source security tooling experience.

About the Team

The Security Factory group builds GitLab’s customer-facing security capabilities in a distributed, async-first environment. The team spans nine subgroups including:

  • Proprietary scanners (e.g., SAST, SCA)
  • AI-driven detection engines
  • Agentic remediation workflows
  • Research, vulnerability management, and security foundations

Collaboratively scaling enterprise-grade security workflows and improving detection quality, the team focuses on software supply chain security.

For more details: [Sec Engineering Handbook](link if available in original).


How GitLab Supports Full-Time Employees

Health, Finances & Well-Being

  • Flexible Paid Time Off
  • Team Member Resource Groups
  • Equity Compensation & Employee Stock Purchase Plan
  • Parent support through Paternity/Maternity/Adoption Leave
  • Growth and Development Fund

GitLab welcomes diverse candidates—doesn’t have to meet every requirement to apply. Studies show underrepresented individuals often hold back if not fully qualified. Apply anyway; recruiters will evaluate based on fit.


Hiring Guidelines

GitLab hires globally via remote-first roles. Location-based eligibility may apply for certain positions; contact Talent Acquisition early for guidance.


Privacy Notice

Review [Recruitment Privacy Policy] during the application process. GitLab is a committed equal opportunity employer. Policies are based solely on merit, not protected characteristics (race, sex, age, disability, veteran status, or more). Visit [GitLab’s EEO Policy] for full details.

Accommodations: If you need assistance due to disability, notify recruiters immediately.


(Å© 2025 GitLab, [trademarks/appropriations aside].)*

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Engineering Leadership
Application Security
SAST
SCA
Secret Detection
Vulnerability Management
AI/ML Product Delivery
Software Supply Chain Security
Roadmap Planning
Architectural Decision Making
Async Communication
DevSecOps

Location

Israel

Sign up to applySee more jobs like this