Remote Intermediate Application Security Engineer (AMER/EMEA) at GitLab

Description:

GitLab is seeking an Intermediate Application Security Engineer to join their remote team in the Americas or EMEA.
The Application Security team is responsible for ensuring that all GitLab products are developed securely throughout the DevSecOps lifecycle.
The role involves collaborating with Engineering, Product teams, and third-party partners to enhance security and protect customer data.
Responsibilities include identifying and triaging application security vulnerabilities, conducting security-focused code reviews, and leading security patch releases.
The engineer will support the bug bounty program, provide security training to internal teams, and assist in developing security processes and automated tooling.

Candidates must have a strong understanding of fundamental security principles.
Excellent written and verbal communication skills are required to articulate complex topics clearly.
The ability to collaborate effectively with software development teams is essential.
A solid understanding of common security vulnerabilities, including identification, exploitation, and remediation, is necessary.
Proficiency in reading, writing, and reviewing code in Ruby on Rails or Go is required.
Familiarity with common security libraries and tools, such as static analysis and penetration testing tools, is expected.
A basic understanding of network and web-related protocols, including TCP/IP, UDP, HTTP, and HTTPS, is needed.
Comfort with using Git and GitLab is essential.