[Remote] Senior Software Engineer (RoR/Go), SSCS: Authentication
Note: The job is a remote job and is open to candidates in USA. GitLab is the intelligent orchestration platform for DevSecOps, enabling organizations to increase developer productivity and improve operational efficiency. The Senior Backend Engineer on the Authentication team will work on authentication features and enhance security through robust access management tooling.
Responsibilities
- Contribute to the team's overall direction and play a direct part in shaping the future roadmap of GATE and GitLab's authentication services
- Design and implement authentication features across the Rails monolith and GATE, including token issuance, validation, and identity services
- Help migrate authentication and token management paths from the monolith into GATE while maintaining reliability across all deployment models
- Build authentication mechanisms from the ground up, such as Workload Identity Federation
- Bolster the security posture of our users and organizations through robust access management and by addressing vulnerabilities reported through our HackerOne program
- Solve technical problems of high scope and complexity across Go and Ruby codebases
- Help define and improve internal standards for style, maintainability, and best practices in a high-scale environment. Maintain and advocate for these standards through code review
- Represent GitLab and its values in public communication around broader initiatives, specific projects, and contributions from people not working for GitLab Inc
- Ship moderately sized features and improvements with moderate guidance and support from other team members
- Collaborate with the team on larger projects, including the build-out of GATE
- Improve GitLab engineering projects through the maintainer trainee program at your own comfortable pace, while striving to become a project maintainer
Skills
- Professional experience with Go and/or Ruby in scaling or mission-critical software-as-a-service products
- Familiarity with authentication and authorization technologies or techniques such as OAuth, OpenID Connect (OIDC), Security Assertion Markup Language (SAML), single sign-on (SSO), System for Cross-domain Identity Management (SCIM), Lightweight Directory Access Protocol (LDAP), JSON Web Token (JWT), role-based access control (RBAC), or identity and access management (IAM)
- Knowledge of token systems, cryptographic signing, and key management
- Experience building or contributing to a service from concept to production, including proposal, discussion, and execution
- Proficiency in written and verbal English, with the ability to clearly communicate complex problems and solutions in a remote, largely asynchronous work environment
- Experience with performance and optimization problems, and a demonstrated ability to diagnose and prevent these problems
- Experience working in a highly agile, iterative software development process, with the ability to manage your work effectively, stay organized, and follow through on priorities
Benefits
- Benefits to support your health, finances, and well-being
- Flexible Paid Time Off
- Team Member Resource Groups
- Equity Compensation & Employee Stock Purchase Plan
- Growth and Development Fund
- Parental Leave
Company Overview