RemoteLeaf Logo
Log in Sign up

VP of Product Security

3 weeks, 2 days ago
United States
Full-time
Executive
Application Security Engineer
Cybersecurity
CI/CD DevSecOps JavaScript Microservices OWASP Secrets Management Serverless
Apply Now
GitLab

GitLab

GitLab: The comprehensive DevOps platform revolutionizing software development with automation, AI workflows, and essential tools for efficient collaboration.

Internet Software & Services
1K-5K
Founded 2014
View All Jobs 140

Description

  • Set the long-term strategy and operating model for Product Security across GitLab.com, GitLab Dedicated, and self-managed offerings.
  • Lead a global, multi-disciplinary organization spanning application security, product security engineering, security architecture and platforms, vulnerability management, PSIRT, and infrastructure, cloud, and data security.
  • Partner with senior leaders across Engineering, Product, AI, and Security to embed security into product architecture, planning, and delivery.
  • Own the roadmap for core security services and developer-facing platform capabilities, including authentication, authorization, secrets management, auditability, and security APIs.
  • Drive secure design reviews, threat modeling, and risk-based security practices that help teams ship securely with minimal friction.
  • Guide GitLab’s approach to AI and agentic security, including security architecture, governance decisions, and risk acceptance for new AI surfaces.
  • Oversee vulnerability management, product security incident response, and bug bounty operations.
  • Use trends and root-cause analysis to drive durable product and process improvements.
  • Establish security metrics, planning inputs, and risk visibility to support executive decision-making, customer conversations, and engineering prioritization.

Requirements

  • Senior engineering or security leadership experience with strong product engineering credibility and ownership of security-relevant product architecture.
  • Experience building, shipping, and operating services in a high-growth SaaS or AI environment.
  • Experience leading multi-disciplinary organizations through Directors, Senior Managers, and senior individual contributors in a distributed, remote-first setting.
  • Knowledge of secure design, threat modeling, web application and API security, and modern authentication and authorization patterns.
  • Familiarity with software supply chain security, CI/CD pipelines, vulnerability management, incident response, and cloud security concepts.
  • Experience partnering with Product, Engineering, AI, and Security leaders to turn risk, customer needs, and technical trade-offs into practical roadmaps and decisions.
  • Strong written and verbal communication skills, including presenting technical risk and business trade-offs to executives, customers, and stakeholders.
  • Open to candidates with different career paths, including product engineering leaders with deep security ownership or security leaders with a strong record of building and shipping products.
  • Must be a United States Citizen due to government requirements.
  • Nice to have: experience with developer tools, DevOps/DevSecOps platforms, large-scale open-source projects, security standards and frameworks such as OWASP, NIST, and SLSA, bug bounty and coordinated disclosure programs, or regulated/security-sensitive customer environments such as financial services, government, or healthcare.

Benefits

  • Base salary range of $297,600 to $360,000 USD for the listed level in the United States.
  • Flexible Paid Time Off.
  • Equity compensation and an Employee Stock Purchase Plan.
  • Growth and Development Fund.
  • Parental leave.
  • Benefits to support health, finances, and well-being.
  • Team Member Resource Groups.
  • Remote work with roles generally offered globally, subject to location-based eligibility requirements.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

GuidePoint Security

Senior Application Security Engineer - Mid-Atlantic region (Remote in VA, MD, PA, NC, DE, NJ, or DC)

GuidePoint Security 251-1K Internet Software & Services

GuidePoint Security is hiring a Security Engineering professional to implement and operationalize application security tooling and practices across software development and CI/CD environments for a broad range of customer-facing security engagements.

United States Full-time Senior Application Security Engineer
Azure Burp Suite CI/CD CircleCI GitHub Actions Jenkins
59 minutes ago
P

Senior Product Manager

Pion 201-500 Marketing and advertising

Pion is hiring a Senior Product Manager to lead consumer-facing product strategy, SEO growth, and cross-functional delivery across its Student Beans and Beans ID experiences.

United Kingdom Full-time Senior Product Manager
SEO
1 hour, 11 minutes ago
Mark43

Product Manager, CAD

Mark43 251-1K Professional Services

Mark43 is hiring a Product Manager for its CAD team to own mission-critical dispatch workflows and guide product execution for public safety operations.

United States Canada United Kingdom Full-time Senior Product Manager
Computer Vision Machine Learning
2 hours, 30 minutes ago
BnBerry

Product Manager - Hospitality Tech (Europe Remote)

BnBerry 51-250 Hotels, Restaurants & Leisure

Bnberry is hiring a Product Manager to lead 0–1 product discovery for AI-powered travel tech solutions that help hotels and resorts determine and trust what autonomous systems should handle.

Netherlands Poland Portugal Serbia Cyprus Full-time Mid Level Product Manager
LLM
3 hours ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers