Engineering Manager, Software Supply Chain Security: Auth Infrastructure

An overview of this role

As an Engineering Manager for the Auth Infrastructure team at GitLab, you’ll lead a distributed group of engineers building the core infrastructure that powers authentication and authorization across all GitLab deployment models. You’ll focus on secure, performant, and reliable identity services at global scale, enabling our move toward a zero-trust architecture and a more modular, microservices-based platform. While you’ll bring deep technical experience with distributed systems, proxy technologies, infrastructure security, and languages like Go or Rust, your primary impact will come from building and supporting a healthy team, hiring and developing great talent, and partnering closely with Authentication, Authorization, Platform, Infrastructure, Cells Architecture, and Runner teams to ensure the auth infrastructure layer meets their needs. In your first year, you’ll be instrumental in shaping the foundation of GitLab’s Identity and Access Management services, from Envoy-based proxy layers and token services to policy decision infrastructure that serves millions of requests per second across GitLab.com, self-managed, Dedicated, and air-gapped environments.

Some examples of our projects:

• Designing and operating an Envoy-based proxy layer that handles millions of authentication requests per second with mTLS, short-lived certificates, and service mesh patterns
• Delivering zero-downtime migrations of authentication infrastructure and resilient token services that enable policy-based authorization at scale

What you’ll do

• Lead the Auth Infrastructure engineering team, setting clear direction, enabling strong execution, and supporting team health and growth
• Drive the design and implementation of GitLab’s authentication infrastructure, including Envoy proxy configuration, token services, and policy decision components
• Solve complex infrastructure challenges such as bi-directional gRPC tunnels, mTLS implementation, short-lived certificate management, and service mesh architecture
• Ensure the authentication infrastructure reliably supports all GitLab deployment models, including GitLab.com, self-managed, Dedicated, and air-gapped environments
• Lead performance optimization efforts for authentication and authorization at scale, focusing on low-latency, high-throughput decision making
• Develop and maintain robust monitoring, observability, and debugging capabilities for distributed authentication systems
• Collaborate closely with Authentication, Authorization, Platform, Infrastructure, Cells Architecture, and Runner teams to align infrastructure capabilities with their needs and ensure seamless integration
• Hire, mentor, and develop engineers, and build processes that support sustainable delivery and continuous improvement within the Auth Infrastructure team

What you’ll bring

• Experience leading and developing infrastructure-focused engineering teams, with a focus on distributed systems and reliability
• Proficiency with proxy and edge routing technologies such as Envoy, Traefik, HAProxy, or nginx, including design and configuration at scale
• Hands-on background in Go and/or Rust for building and operating high-performance backend or infrastructure services
• Familiarity with service mesh architectures, mTLS, and zero-trust networking concepts, including short-lived certificates and secure tunnels (for example, gRPC)
• Understanding of token and identity systems such as JWT or Macaroons, including cryptographic signing, key management, and integration with authentication flows
• Experience with database and storage technologies such as RDS, Google Spanner, Postgres, or similar, and how they support authentication workloads
• Knowledge of Kubernetes, container orchestration, and cloud-native deployment patterns, including observability, debugging, and performance optimization for distributed systems
• Experience with infrastructure automation, CI/CD, and GitOps practices, and an interest in applying transferable skills from related domains or backgrounds to authentication infrastructure work

About the team

The Auth Infrastructure team at GitLab is one of three authentication-focused teams within GitLab’s Software Supply Chain Security stage, and we are responsible for the infrastructure foundation that powers authentication and authorization across all GitLab deployment models. Our team is composed of distributed systems and infrastructure engineers working asynchronously across regions, collaborating closely with the Authentication and Authorization teams for product requirements and integration, the Platform and Infrastructure teams for deployment and operations, the Cells Architecture team for multi-tenant routing and isolation, and the Runner team for CI/CD authentication needs. We focus on solving complex challenges such as building and operating a proxy layer that can handle millions of requests per second, enabling zero-downtime migrations of authentication infrastructure, designing resilient token and identity services, and establishing the core building blocks for policy-based authorization at global scale.