Engineering Manager, SSCS: Supply Chain

GitLab is the intelligent orchestration platform for DevSecOps. GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 50 million registered users and more than 50% of the Fortune 100* trust GitLab to ship better, more secure software faster.

The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier, with all team members expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact. GitLab is where careers accelerate, innovation flourishes, and every voice is valued. Our high-performance culture is driven by our values and continuous knowledge exchange, enabling our team members to reach their full potential while collaborating with industry leaders to solve complex problems. Co-create the future with us as we build technology that transforms how the world develops software.

*Fortune 500® is a registered trademark of Fortune Media IP Limited, used under license. Claim based on GitLab data. Fortune 100 refers to the top 20% ranked companies in the 2025 Fortune 500 list, published in June 2025. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of GitLab.

An overview of this role

As an Engineering Manager, you’ll guide GitLab’s dedicated Software Supply Chain Security (SSCS) Add-On engineering team as it develops core capabilities including Dependency Firewall, Build Provenance, Malicious Packages detection, and Artifact Signing. This is a founding management role where you’ll help shape how the team works, partner closely with the Staff Backend Engineer, Product Manager, and SSCS stage management, and turn a defined roadmap into steady, high-quality delivery for enterprise customers with strict security and compliance needs. You’ll focus on developing the team, creating a healthy operating rhythm, and establishing predictable execution for the SSCS SKU.

You’ll join a product area where customers in regulated industries are already validating the need, and your work will help GitLab deliver software supply chain security features that customers can rely on. While technical credibility matters, your main focus will be growing a strong backend engineering team, enabling team members in their development, and creating the conditions for long-term delivery and quality.

What you’ll do

• Guide a backend engineering team building the SSCS Add-On across dependency enforcement, build provenance, malicious package detection, and artifact signing.

• Be responsible for Drive engineering delivery for general availability milestones by aligning sequencing, scope, and dependencies with the Staff Backend Engineer and Product Manager.

• Develop the team by partnering with Talent Acquisition on sourcing, interview design, candidate evaluation, and hiring decisions.

• Run regular 1:1s, performance reviews, and career development conversations that enable growth and clear expectations.

• Advance engineering quality by monitoring cycle time, defect rates, and test coverage, and by addressing risks early.

• Coordinate quarterly planning and roadmap tradeoff discussions with SSCS stage leadership and Product.

• Work with Finance and other partners on headcount pacing and team planning as the Add-On scales.

• Represent the SSCS Add-On team within stage leadership discussions and help ensure strong communication across functions.

What you’ll bring

• Experience guiding backend product engineering teams in security, DevSecOps, or platform engineering environments.

• Ability to hire and grow backend or security engineers in distributed team environments, with practical understanding of the talent landscape for these roles.

• Technical credibility to contribute to architecture discussions involving package registries, CI/CD pipeline security, and signing infrastructure.

• Experience managing predictable delivery across multi-quarter product roadmaps and managing cross-team dependencies.

• Comfort working in an asynchronous, documentation-driven organization with clear written communication.

• Familiarity with supply chain security, artifact management, or compliance-focused product areas, or transferable experience from related domains.

• Working knowledge of concepts related to frameworks and ecosystems such as SLSA and Sigstore.

• Ability to build credibility with engineers, product partners, and customer-facing stakeholders through clear judgment, coaching, and teamwork.

About the team

The SSCS Add-On team is a product engineering team within GitLab’s Software Supply Chain Security stage. We work on key capabilities in the SSCS Add-On SKU and collaborate closely with product and engineering partners to deliver security features for customers operating in regulated environments. You’ll report to the SSCS Senior Engineering Manager and partner directly with the Staff Backend Engineer and Product Manager. As a distributed team working asynchronously across regions, we are focused on strong delivery practices, team health, and scaling the product area with clarity and accountability. For more on how related teams work, see Team Handbook Page.

How GitLab will support you

• Benefits to support your health, finances, and well-being

• Flexible Paid Time Off

• Team Member Resource Groups

• Equity Compensation & Employee Stock Purchase Plan

• Growth and Development Fund

• Parental leave

• Home office support

Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to assess your application.

Country Hiring Guidelines: GitLab hires new team members in countries around the world. All of our roles are remote, however some roles may carry specific location-based eligibility requirements. Our Talent Acquisition team can help answer any questions about location after starting the recruiting process.

Privacy Policy: Please review our Recruitment Privacy Policy. Your privacy is important to us.

GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during the recruiting process.