Remote Intermediate Application Security Engineer (New Zealand/Australia) at GitLab

Description:

GitLab is seeking an Intermediate Application Security Engineer to join their remote team in New Zealand or Australia.
The Application Security team is responsible for ensuring that all GitLab products are developed securely throughout the DevSecOps lifecycle.
The role involves collaborating with Engineering, Product teams, and third-party partners to enhance security and safeguard customer data.
Responsibilities include identifying and triaging application security vulnerabilities, conducting security-focused code reviews, and supporting the bug bounty program.
The engineer will provide security training to internal development teams and lead security patch releases.
The position requires integrating security across all stages of the software development lifecycle and assisting in the development of security processes and automated tooling.

Candidates must have a strong understanding of fundamental security principles.
Excellent written and verbal communication skills are required to articulate complex topics clearly.
The ability to collaborate effectively with software development teams is essential.
A solid understanding of common security vulnerabilities, including identification, exploitation, and remediation, is necessary.
Proficiency in reading, writing, and reviewing code in Ruby on Rails or Go is required.
Familiarity with common security libraries and tools, such as static analysis and penetration testing tools, is expected.
A basic understanding of network and web-related protocols, including TCP/IP, UDP, HTTP, and HTTPS, is needed.
Comfort with using Git and GitLab is essential.