Intermediate Backend Engineer, SSCS – Supply Chain

This is a fully remote position, open to applicants in India.

📋 Description

• Develop well-defined backend features for the Add-On's supply chain security product, which includes package policy integrations, enhancements to the ingestion pipeline, signing and verification capabilities, and reliability-driven initiatives, all while delivering maintainable code within agreed timelines and adhering to team-defined delivery commitments.

• Create and sustain integrations between Add-On functionalities and GitLab's existing software composition analysis scanning system, ensuring that findings appear consistently and accurately in merge request security reports, thereby minimizing integration issues and fostering a reliable user experience.

• Author and maintain extensive automated test coverage, incorporating RSpec and integration tests, to enhance test reliability, mitigate regressions, and enable safe, consistent releases as the codebase expands.

• Engage in work across various feature areas as priorities shift, contributing as a generalist where the team requires the most support.

• Actively participate in code reviews by providing thoughtful, actionable feedback and constructively incorporating feedback into your own work to uphold code quality and minimize rework.

• Produce clear internal documentation for the features and behaviors you implement, enabling teammates to effectively support, extend, and troubleshoot the product.

• Collaborate with adjacent Software Supply Chain Security teams, including Dependency Firewall and Malware Database, as the Add-On integrates capabilities from across GitLab, facilitating aligned functionality and smoother cross-team execution.

• Work effectively in an async-first environment across global time zones, including occasional off-hours overlap when necessary, to ensure work progresses and decisions are documented transparently.

⛳️ Requirements

• Experience in backend development with the capability to deliver maintainable production code.

• Strong proficiency in Ruby on Rails coupled with solid PostgreSQL fundamentals.

• Familiarity with Golang or a willingness to learn and work across both Ruby on Rails and Go.

• Strong testing discipline, including familiarity with RSpec or a similar testing framework.

• Clear and direct written communication skills along with experience collaborating with distributed teammates in asynchronous workflows.

• Ability to independently manage scoped work, communicate progress effectively, and adapt as team priorities change.

• Interest in package ecosystems such as npm, Maven, PyPI, or OCI containers, or relevant experience that aids in ramping up in this domain.

• Enthusiasm for software supply chain security, dependency management, DevSecOps, or security-related product development, with the ability to integrate security considerations into backend development tasks.

🏝️ Benefits

• Benefits designed to support your health, financial stability, and overall well-being.

• Flexible Paid Time Off.

• Team Member Resource Groups.

• Equity Compensation & Employee Stock Purchase Plan.

• Growth and Development Fund.

• Parental leave.

• Home office support.