Senior Security Technical Architect

Senior Security Technical Architect

at GitLab

Remote, Global

As a Security Technical Architect at GitLab, you’ll lead the design and implementation of secure enterprise solutions for our Professional Services clients. You’ll assess complex security architectures, guide security tool migrations, and implement GitLab’s security features while ensuring compliance with common frameworks. This role requires expertise in developing secure reference architectures with focus on cloud security, identity management, and vulnerability management.
Working closely with PS Engineers and Engagement Managers, you’ll provide technical leadership throughout project lifecycles, from security requirements gathering to implementation. 

You’ll be responsible for preserving customer security postures during migrations, implementing security scanning strategies, and enabling teams to leverage GitLab’s security capabilities effectively. Your experience with security architecture, enterprise security controls, and compliance frameworks will be crucial in delivering successful customer outcomes while maintaining security best practices throughout the engagement lifecycle.

Core Responsibilities

Extends all Intermediate Technical Architect Requirements and Responsibilities

Technical Leadership & Delivery

• Design and lead secure GitLab solution implementations for Professional Services client engagements from inception through delivery
• Ensure security compliance and best practices throughout the software development lifecycle
• Conduct security risk assessments and threat modeling for customer implementations
• Stay current with security threats, compliance requirements, and GitLab security features (Product Security Risk Register)
• Validate security controls and monitoring requirements are properly implemented
• Lead migrations between security scanning tools (e.g., SonarQube, Checkmarx, Veracode to GitLab Security Scanners)

Customer Engagement

• Lead technical discovery sessions with a security focus, understanding customer's compliance needs
• Support PS Engagement Managers in security-related SOW scoping and creation
• Provide security expertise during pre-sales and planning stages
• Ensure deliverables meet customer security and compliance expectations
• Coordinate security implementation activities across internal teams, partners, and customers

Mentorship & Knowledge Sharing

• Mentor PS and partner consultants on security best practices and implementation strategies
• Create security-focused documentation, delivery kits, and training materials
• Review and contribute to PS security training materials and presentations
• Develop security case studies, methodologies, and internal processes
• Hold security enablement sessions for PS team members

Cross-functional Collaboration

• Provide input to GitLab Security teams on product security features and roadmap
• Liaise with Training, Development, Support, and Product teams on security matters
• Support Delivery Managers with security aspects of:
• Technical vetting of partner consultants
• New hire candidate evaluation
• SOW staffing assessments

RequirementsTechnical Expertise

• Demonstrated experience in:
• Delivery of secure enterprise architectures with expertise in application and cloud security
• DevSecOps practices and tools
• SCM migration with security controls
• Secure cloud architecture and infrastructure
• Configuration and Infrastructure as Code tools (Ansible, Terraform, etc)
• CI/CD security integration
• GitLab security features and capabilities
• Security tool migration and transformation

• Planning and executing security tool migrations
• Mapping security findings between platforms
• Managing dismissed/accepted risk findings
• Building migration validation frameworks

Security & Compliance

• Knowledge of security frameworks and standards:
• ISO 27001, NIST 800-53, SOC2
• GDPR, FedRAMP
• Familiar with AI RMF, ISO 42001 is a bonus
• Understanding of current security threats:
• Ransomware protection
• Supply chain security
• AI-related security risks
• Zero-trust architecture

Professional Experience

• 8+ years of progressive experience in:
• Technical consulting
• Enterprise software development
• DevOps platform implementation
• Security program development
• Bachelor's Degree in Computer Science, Information Security, or equivalent experience
• Security / Cloud certifications preferred (CISSP, CISM, AWS Certified Security or similar)

Soft Skills

• Excellent written and verbal communication skills
• Strong presentation and customer-facing abilities
• Demonstrated problem-solving and decision-making capabilities
• Effective project and time management skills
• Leadership experience in security contexts
• Ability to influence and drive security adoption
• Strong organizational and multi-tasking abilities

• Experience mentoring teams on security best practices
• Track record of developing security service offerings
• Ability to drive security transformation initiatives
• Experience with security vendor assessment and integration
• History of contributing to the security community and thought leadership

Performance Indicators

• 55% Billable Utilization Target
• Consistent contributions back to practice

How GitLab will support you

• Benefits to support your health, finances, and well-being
• All remote, asynchronous work environment
• Flexible Paid Time Off
• Team Member Resource Groups
• Equity Compensation & Employee Stock Purchase Plan
• Growth and development budget 
• Parental leave 
• Home office support

Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to assess your application.

Remote-Global