Your work will contribute to the full secret management lifecycle, from push protection to pipeline-based scanning, validation, and auditability, so developers can move quickly without taking on avoidable security risk.

This is a strong opportunity if you want to work on security features with clear customer impact, improve detection quality, and help teams act when credentials, API keys, or other secrets are exposed.

You'll focus on backend systems that power Secret Detection across GitLab's DevSecOps platform, working closely with product management and engineering peers in an async-first environment.

In your first year, you'll contribute to core product capabilities, improve performance and result quality, and help shape technical direction through code reviews, RFCs, and proof of concepts.

Some examples of our projects:

• Prevent secret leaks in source code with GitLab Secret Push Protection
• Verify validity of secret detection findings

Responsibilities

• Guide the design and implementation of backend features for GitLab Secret Detection in Ruby on Rails, GraphQL, and Go, delivering capabilities that improve coverage, reliability, or response time for secret detection workflows.
• Build clean, well-tested, maintainable code that meets GitLab standards for reliability and performance, helping reduce regressions and maintain backend systems at scale.
• Partner with product management and engineering peers to deliver backend capabilities that improve detection, validation, remediation, and audit trail coverage across the secret management lifecycle.
• Improve detection quality by reducing false positives, strengthening secret validation workflows, and enabling faster, more effective remediation paths.
• Contribute to code reviews, RFCs, and proof-of-concept work that guide technical approaches across the Secret Detection category.
• Identify technical debt and operational inefficiencies, then propose and implement practical improvements.
• Diagnose performance and optimization issues in backend systems and implement improvements that increase efficiency, scalability, and service reliability.
• Work effectively in a globally distributed, async-first team while participating in planning, engineering discussions, and pairing when needed.

Requirements

• Experience building backend applications and services using Ruby on Rails, with working knowledge of GraphQL and interest in backend-focused product development.
• Experience designing and delivering secure, maintainable systems that power production web applications at scale.
• Knowledge of security concepts, common vulnerabilities, mitigation techniques, and secure coding practices.
• Background developing or working with security tools or products, especially in areas related to code scanning or secret detection.
• Experience investigating performance issues and improving backend reliability, efficiency, and maintainability.
• Ability to work closely with cross-functional partners, including product, design, and technical writing, to deliver useful product outcomes.
• Communicate clearly in writing and in conversation, especially in remote, async-first environments with distributed teams.
• Bring transferable experience and a willingness to grow into parts of the security or Go stack.

About the Team

The Secret Detection team owns GitLab's Secret Detection category, and we build the backend systems and related user workflows that help developers identify and mitigate exposed secrets as code is contributed.

We work with the broader security product suite while maintaining focused investment in secret scanning quality, validation, remediation, and developer experience.

Our work spans Rails and Go services, and we work primarily asynchronously across time zones as a globally distributed team.

Current opportunities include expanding coverage across the secret management lifecycle and improving result quality across the findings our tools detect.

For more on how we work, see the Team Handbook page.

Benefits

• Benefits to support your health, finances, and well-being
• Flexible Paid Time Off
• Team Member Resource Groups
• Equity Compensation & Employee Stock Purchase Plan
• Growth and Development Fund
• Parental leave
• Home office support

XML job scraping automation by YubHub

Anthropic's mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems.

About the Team

The Security Engineering team protects Anthropic's AI systems and maintains the trust of our users and society. We define the authentication architecture for our training infrastructure, design the cryptographic foundations that protect model weights and training data, and drive the developer security program that shapes how engineers build and ship software.

The team works across several areas that collaborate closely: identity and secrets management, developer security and supply chain, infrastructure security, and secure frameworks. You will support one of these areas while contributing across others, with your focus shaped by your strengths and the team's priorities.

Responsibilities:

• Build and maintain identity and secrets management systems, including credential issuance, rotation, and workload authentication across our multi-cloud environments
• Contribute to cluster security controls including RBAC policies, namespace isolation, workload identity, and pod security
• Implement and maintain cloud security controls including IAM, network segmentation, VPC architecture, and encryption across our multi-cloud and on-prem environments
• Design and implement secure development frameworks and libraries that make secure coding the path of least resistance for our engineering teams, including service to service authentication, serialization libraries, and tool proxies.
• Harden CI/CD pipelines against supply chain attacks through isolated build environments, signed attestations, dependency verification, and automated policy enforcement
• Identify and remediate security gaps through code review, threat modeling, and hands-on debugging
• Contribute to continuous cloud security posture management using infrastructure-as-code scanning, misconfiguration detection, and automated remediation

You may be a good fit if you have:

• At least 5 years of software engineering experience implementing and maintaining security-relevant systems in production
• Bachelor's degree in Computer Science or equivalent industry experience
• Strong programming skills in Python or at least one systems language such as Go or Rust
• Experience contributing to cloud security controls
• A track record of taking ownership of problems end to end, from identifying the issue to shipping and monitoring the fix
• Clear communication skills and the ability to work collaboratively across engineering teams
• Low ego and high empathy, with a genuine interest in helping teammates succeed
• Passion for AI safety and the role security engineering plays in building trustworthy AI systems

Strong candidates may also have:

• Contributions to developer security tooling including SAST, dependency scanning, or secure build infrastructure
• Familiarity with Kubernetes security primitives including RBAC, namespaces, network policies, and admission controllers
• Experience with cloud security posture management tooling, infrastructure-as-code security scanning, or automated remediation
• Experience with network security and isolation techniques including east-west controls, traffic inspection, and cloud network policy
• Experience with eBPF for security monitoring and enforcement, or developing kernel security policies
• Experience building secrets management or workload authentication systems, including familiarity with protocols such as OAuth 2.0, OIDC, SAML, or SPIFFE/SPIRE
• Background building or operating security systems in environments that support research workflows and rapid iteration

Deadline to apply:

None. Applications will be reviewed on a rolling basis.

Logistics

Education requirements: We require at least a Bachelor's degree in a related field or equivalent experience. Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.

Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.

We encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work. We think AI systems like the ones we're building have enormous social and ethical implications. We think this makes representation even more important, and we strive to include a range of diverse perspectives on our team.

Your safety matters to us. To protect yourself from potential scams, remember that Anthropic recruiters only contact you from @anthropic.com email addresses. In some cases, we may partner with vetted recruiting agencies who will identify themselves as working on behalf of Anthropic. Be cautious of unsolicited messages or requests for sensitive information.

XML job scraping automation by YubHub