Director of Engineering, Security Governance

GitLab is the intelligent orchestration platform for DevSecOps. GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 50 million registered users and more than 50% of the Fortune 100* trust GitLab to ship better, more secure software faster.

The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier, with all team members expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact. GitLab is where careers accelerate, innovation flourishes, and every voice is valued. Our high-performance culture is driven by our values and continuous knowledge exchange, enabling our team members to reach their full potential while collaborating with industry leaders to solve complex problems. Co-create the future with us as we build technology that transforms how the world develops software.

*Fortune 500® is a registered trademark of Fortune Media IP Limited, used under license. Claim based on GitLab data. Fortune 100 refers to the top 20% ranked companies in the 2025 Fortune 500 list, published in June 2025. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of GitLab.

An overview of this role

As Director of Engineering, Security Governance, you will oversee a critical part of GitLab's AI-powered DevSecOps platform: the systems we build to help customers and teams manage security policy, compliance, and AI governance at scale. You'll work at the intersection of platform security, product-led growth, and AI safety, reporting to the VP of Engineering, Security. You will guide six teams, shape the engineering vision and roadmap for this group, and help define how we and our customers govern AI-enabled and software delivery workflows through infrastructure built for correctness, scalability, and auditability.

Some examples of our projects

Flow ID and governance capabilities that support platform-wide AI oversight

Auditing for the DevSecOps AI Platform (DAP) and Software Factory, the MCP Catalog, and governance dashboards

What you’ll do

Set the engineering vision and multi-quarter roadmap across six teams focused on security policy enforcement, compliance management, security feature adoption, and AI governance, with clear quarterly outcomes for delivery and adoption.

Lead and grow a distributed engineering organization that includes engineering managers and individual contributors, with success measured by team performance, engagement, and career development outcomes.

Drive architectural decisions for policy enforcement, compliance, and AI governance systems to improve correctness, scalability, and auditability, with success measured by reliability and audit readiness.

Partner with product management to define priorities and shape requirements for platform capabilities used by security-focused enterprise customers, with a focus on adoption and roadmap delivery.

Own platform-wide AI governance infrastructure, including Flow ID, auditing for the DevSecOps AI Platform (DAP) and Software Factory, the MCP Catalog, and governance dashboards.

Represent the Security Governance group in cross-functional discussions, executive reviews, and customer conversations.

Establish engineering standards across delivery, observability, incident response, and code quality to improve delivery predictability, observability coverage, and incident response effectiveness.

Contribute to GitLab's transparent, async-first way of working through issues, merge requests, and the GitLab handbook.

What you’ll bring

Experience leading engineering organizations that include multiple teams and managers.

Strong understanding of security fundamentals, including policy enforcement, compliance frameworks such as SOC 2, ISO 27001, and FedRAMP, and software supply chain security.

Experi