Engineering Manager, Software Supply Chain Security: Pipeline Security

Experience leading and developing engineering teams, with a focus on building secure, reliable product features. Practical knowledge of software supply chain security concepts, tools, and industry standards. Understanding of the SLSA (Supply-chain Levels for Software Artifacts) framework and how to apply it in CI/CD pipelines. Familiarity with software artifact provenance, attestation, and verification techniques. Knowledge of secure software development practices, including container security, software composition analysis, and vulnerability management. Experience working with CI/CD systems and their security considerations. Ability to collaborate effectively with product management, security, and other cross-functional partners. Openness to learning new technologies and approaches.

Lead a team of engineers building Software Supply Chain Security features. Guide the design and implementation of SLSA compliance within GitLab CI/CD pipelines. Collaborate with Product Managers to define, prioritize, and deliver the roadmap for supply chain security capabilities. Partner with Security team members to ensure features meet security standards. Stay current with software supply chain security standards and tools. Educate and advocate for supply chain security best practices across engineering teams. Represent the Pipeline Security team in cross-functional initiatives and external industry forums. Drive continuous improvement in team health, delivery predictability, and documentation quality.