← Back to jobs
Gitlab
Gitlab

Staff Security Engineer, IAM (USA)

engineeringfull-timeRemote, US
SALARY
Not listed
WORK TYPE
remote
JOB TYPE
full-time
INDUSTRY
general
Apply for this position
✦ AutoApply Let us apply to roles like this on your behalf.
Learn more

About the role

An overview of this role

The Corporate Security Identity Team is on a mission to transform how our workforce ecosystem securely accesses the tools they need to do their best work, advancing from foundational controls to sophisticated, automated governance across our identity platforms and our emerging AI tooling.

As a Staff Security Engineer, you'll be a senior technical leader and strategic anchor on the team. You're passionate about designing elegant solutions to complex identity challenges, whether that's architecting enterprise-scale conditional access policies, codifying our identity platforms in Terraform, or building governance frameworks for AI agents and non-human identities. You'll be responsible for critical systems, write technical proposals that influence our roadmap, raise the bar through design and code review, and lead cross-functional initiatives that span Security, IT, Engineering, Compliance and People teams.

This isn't about maintaining the status quo- it's about architecting the future of identity security for a rapidly scaling company operating in regulated environments. Because this role may need to support our FedRamp tech stack, hiring may be restricted to US citizens physically located in the US.

What you’ll do

  • Design comprehensive identity and AI access solutions that scale with our business growth, from AI agent governance frameworks to privileged access workflows that eliminate standing access through just-in-time provisioning
  • Lead identity and access engineering for our enterprise AI platforms including administration, SSO and SCIM integration, audit logging, data controls, and policy enforcement for Claude (web, Claude Code, Cowork) and adjacent tools
  • Codify our identity platforms in Terraform, leading the migration of Okta, Lumos, and our NHI platform from click-ops to peer-reviewed infrastructure-as-code, with a focus on global critical policies
  • Refactor our authentication framework to implement advanced conditional access controls such as device trust, location-based policies, risk-based step-up authentication, and behavioral analytics across our entire SaaS ecosystem
  • Pioneer non-human identity governance by designing monitoring and management solutions for service accounts, API keys, certificates, AI agents, and MCP integrations, and leading deployment, integration, and operationalization
✦ Let us apply for you
We find roles like this and apply on your behalf. Cover letter written for each one. Plans from $14.99/mo. Cancel anytime.
Join waitlist
Apply now
Staff Security Engineer, IAM (USA) at Gitlab — Remote