Senior Software Engineer in Test, Secure

GitLab


2 weeks ago

02/12/2020 10:22:39

Job type: Full-time

Category: Software Development


This Software Engineer in Test position for our Secure team is 100% remote.

A brief overview:

GitLab is building an open-source, single application for the entire software development lifecycle—from project planning and source code management to CI/CD, monitoring, and security.

Right now, we’re in a period of growth, we’ve more than doubled the size of the Quality department through 2019, and we’ve increased the number of GitLab employees from 400 to over 1100 this financial year, too.

At GitLab, we live and breathe open source principles. This means our entire handbook is online, and with a few clicks, you can find the details of future releases, check out our past releases, and see an overview of the product vision you’d contribute to when working here.

As a Software Engineer in Test at GitLab, you will be embedded in our Secure stage group. You’ll be responsible for baking in a culture of quality across the categories found within our Secure team, expanding on our existing test automation frameworks and test coverage across a range of configurations, and leading our test automation efforts on new features within our Secure categories as part of a dedicated cross-functional team.

What you can expect in a Software Engineering in Test, Secure role at GitLab:
  • As part of our Secure team you’ll work on test automation issues related to the Quality department, the Secure stage group, and the entire GitLab product. The work you’ll do will be transparent and open to the GitLab community.
  • You’ll develop new tests and tools for our GitLab.com frontend, backend APIs and services, and low-level systems like geo-replication, CI/CD, and load balancing.
  • You’ll identify and drive the adoption of best practices in code health, testing, testability, and maintainability.
  • You’ll work with engineers to define and implement mechanisms to inject testing earlier into the software development process.
  • You’ll configure automated tests to execute reliably and efficiently in our CI/CD environments.
  • You’ll work 1:1 with a Product Manager, and with the wider product and development teams to understand how new features should be tested and to contribute to automated tests for these new features.
  • You’ll work in an environment where we aim to have a 1:10 ratio of Software Engineer in Test to Engineers.
  • As an SET, you'll have the opportunity to become and expert in security testing-related techniques and concerns.
Projects you might work on in our Secure stage group:

You’ll spend your time collaborating with a cross-functional team who are embedded in our Secure stage group. You could work on projects where you’ll be tasked with moving our security products from their own standalone QA process to the GitLab QA review application, growing our test coverage across our security products, and implementing security testing processes.

You should apply if:
  • You’ve got at least a few years of experience developing in Ruby or working on a Ruby on Rails application.
  • You’ve got some experience with security testing or an interest in the security field. To demonstrate this, you could be familiar with SQL injections, cross-site scripting, or URL manipulation. Alternatively, you may have been involved in OWASP or security hacking sessions. This list is by no means exhaustative, it's here to give you an insight into the type of securty-testing experience we can look for.
  • You’ve got a working knowledge of Docker.
  • You’ve worked with industry-standard CI tools like GitLab CI, Jenkins, Bamboo, or Circle CI for example.
  • You’re comfortable with Selenium-based test automation tools like Capybara.
  • You’ve got experience with Git and its command line.
  • You’re interested in growing your knowledge and skills in Test Environment Provisioning and Configuring (Terraform, Ansible, Kubernetes, GCP / AWS).
  • You know about clean code and the test pyramid, and champion these concepts.
  • Our values of collaboration, results, efficiency, diversity, iteration, and transparency resonate with you.
  • You'll thrive in an environment where self-learning and self-service is encouraged and instilled as a part of our culture.

We're aware the confidence gap exists so we want to encourage you to apply even if you do not match all of the requirements exactly. The above list is intended to show the kinds of experience and qualities we're looking for. It is not a complete list of pre-required skills.

The culture here at GitLab is something we’re incredibly proud of. Because GitLabbers are currently located in over 51 different countries, you’ll spend your time collaborating with kind, talented, and motivated colleagues from across the globe.

Some of the benefits you’ll be entitled to vary by the region or country you’re in. However, all GitLabbers are fully remote and receive a "no ask, must tell" paid-time-off policy, where we don’t count the number of days you take off annually. You can work incredibly flexible hours, enabled by our asynchronous approach to communication. We’ll also help you set up your home office environment, pay for your membership to a co-working space and contribute to the travel costs associated with meeting other GitLab team members across the world. Also, every year or so, we’ll invite you to our Contribute event.

Hiring Process and compensation:

Our hiring process for this Software Engineer in Test position typically follows six stages. The details of this process and the compensation for this role can be found at the bottom of our job family page.

Remote-EMEA

Please mention that you come from Remotive when applying for this job.

Help us maintain Remotive! If this link is broken, please just click to report dead link!

similar jobs

  • Skylight (US only)
    4 days ago

    Skylight (https://skylight.digital/) is at the forefront of a civic movement to reinvent how the government serves the public in a digital world.

    Were looking for a DevOps Engineer to join our talented team of technologists in driving this movement forward.

    Youll be a key part of our small, but rapidly growing team, which consists of former Presidential Innovation Fellows, founders of 18F, and members of the U.S. Digital Service.

    We work in small, fast, agile teams to create exceptional customer experiences and enduring solutions out of the governments most complex design and technology challenges. The work is challenging, but highly rewarding.

    Benefits

    We focus on supporting you in a variety of ways:

    • Competitive salary
    • Opportunities for an economic stake in the company's success
    • Performance bonuses, referral bonuses, publication bonuses, and public speaking bonuses
    • Medical insurance, dental insurance, vision insurance, short-term and long-term disability insurance, life insurance, dependent care FSA, healthcare FSA, and health savings account
    • Dollar-for-dollar 401(k) match up to 10% of your salary
    • Flexible paid-time-off policy (minimum of 29 days), which covers any type of leave (such as holiday, sick, and vacation) that you need or want to take
    • Minimum of 9 weeks paid time off for all eligible new birth, adoption, or foster parents
    • Annual $2,000 professional development allowance
    • Annual budget of up to $750 for tech-related purchases
    • Access up to $1,000 before payday to cover emergency expenses
    • Incentives for living in a HUBZone area (https://maps.certify.sba.gov/hubzone/map), including relocation assistance and a monthly stipend to help offset the cost of rent or mortgage
    • Remote-friendly work environment
    • An environment that empowers you to unleash your superpowers for public good

    We participate in E-Verify and upon hire, will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.

    We're an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, sex, sexual orientation, gender identity or expression, religion, age, pregnancy, disability, work-related injury, covered veteran status, political ideology, marital status, or any other factor that the law protects from employment discrimination.

    Skills & requirements

    What you’ll do:

    • Engineer an incredible experience for developers who are working in web-based environments such as Ruby, Python, Java, and Node.js through automation, virtualization, and process improvement

    • Achieve technical excellence by advocating for and adhering to lean-agile engineering principles and practices such as simple design and automated testing

    • Represent Skylight's culture of delivery when interacting with government stakeholders and other contractors

    What we’re looking for:

    • Expertise in the areas of version control, deployment automation, continuous integration, test automation, monitoring, proactive notification, and “shift-left security”

    • Able to deploy and configure services using infrastructure as a service providers such as Amazon Web Services and Microsoft Azure

    • Able to solve problems using scripting and programming skills

    • Able to administer Linux-based systems, as well as Apache-based web servers

    • Experience with Elasticsearch and Docker

    • Experience creating secure systems while enhancing the privacy of all system users

    • Experience working within a multidisciplinary, agile team format

    • A mindset and work approach that aligns with our core values (https://skylight.digital/culture)

    • Ability to travel from time to time

  • As a Senior Security Engineer on the SRE Team at Skillshare, you’ll play a key role in helping us continuously improve our security programs to ensure the best experience for our users through the safety of our technology and data. 

    This role spans strategic work of putting in place forward-looking initiatives as well as responding to external threats on an ongoing basis, which means the opportunity for impact across the board.  We’re scaling quickly and are excited to bring someone onboard who can help us proactively tackle challenges – both in the day-to-day operations and anticipated future ones. 

    You’ll collaborate with the other members of the SRE team as well as the product development teams to plan and implement various security initiatives. We’ll look to your strategic expertise, reliable execution, and sound judgment to improve and maintain our security infrastructure, along with creating and improving processes for maintaining a secure product and environment.

    You’ll be joining a team that’s passionate about technology, and helping pave the way for building products together that we’re proud of. We’re excited to meet you.

    What you'll do:

      • Improve, monitor and maintain our information security.

      • Execute security initiatives related to infrastructure, product, and data.

      • Make strategic recommendations and improvements to our security.

      • Work with application developers to improve the security of various product features.

      • Proactively prep and train developers and raise the security awareness of everyone in the organization.

      • Quickly and proactively respond to incoming security threats.

      • Continually assess, address and report on the levels of threat and preparedness.

    Why we're excited about you:

      • 7+ years of experience building, supporting and securing cloud-based web infrastructure with AWS.

      • Knowledge of best security practices for building web applications.

      • Experience with security monitoring tools.

      • Experience in compliance with industry standards such as PCI, OWASP, NIST, GDPR etc.

      • Experience with Single Sign-on (SSO) for internal systems.

      • Understanding of and ability to deal with and prevent typical security threats and risks.

      • Deep understanding of web application infrastructure.

      • Working knowledge of software engineering.

      • Strong communication skills – you’re a natural collaborator and can report out to stakeholders of all levels.

      • Tech stack knowledge: Docker (Kubernetes experience is a plus), Linux, DataDog, AWS security products, MySQL.

    Why you're excited about us:

      • Impact: you’ll play a key role in shaping the direction of a comprehensive security approach long-term.

      • Growth: Our team is small, so you’ll have room to wear a lot of hats and take on more responsibility over time. 

      • Our mission: We are building a learning ecosystem for the new economy and changing millions of lives for the better.

      • Our team: We have a passionate, smart team that is a lot of fun to work with.

      • Your life: We take pride in our flexibility. Working remotely is part of how we need to work these days. You’re a professional, and we trust you to do what you need to do.
  • 2 weeks ago

    Are you looking for a new adventure with a positive impact?

    At Learnlife we are on the mission to build an open ecosystem for a new lifelong learning paradigm to positively change education worldwide. We empower learners, educators, schools, and governments through a new learner-centered paradigm that focuses on purpose-inspired and personal learning.

    A little bit about us

    Learnlife is based in Barcelona, where we also have opened our first Learning HUB (1200m2 @ Enrique Granados 7). We are an educational startup in the early phase with a team of thirty people in total and with six people working full-time on the digital part of the ecosystem we are building.

    Last year, we had our first seed investment round, which we secured during the June 2019 when we raised €3,1m in partnership with 19 entrepreneurial supporters from 11 countries. The funding round was led by BPO Capital, a vehicle of Benjamin Otto (Germany), an active shareholder of the Otto Group and co-founder of About You.

    We believe in empowered and autonomous teams, positive relationships, empathetic collaboration, growth through adventure, fair communities, and a culture of constructive transparency and honesty.

    Who we are looking for

    We’re looking for a senior software engineer to join our growing team. As someone coming into such a pivotal role in the company, you will influence how our products look, work, behave and feel over the coming years.

    You should send us an application if you:

    • Are searching for a startup-like environment with solid funding.

    • Have experience working on remote and in the ideal case also in the startup environment. 

    • Are looking for a full-stack senior software engineering role, and you’ve spent in the role already several years.

    • Have strong skills in Javascript and another backend programming language (Ruby & Ruby on Rails is a big plus).

    • Are able to step outside your role description and do what is needed in order to help the team succeed. 

    • Love technology and are hungry to learn.

    • Love to collaborate in a cross-functional team.

    • Are a great communicator (English).

    • Could solve problems independently. 

    • Are based in Europe or Brazil.

    • Having an active profile on Github with several open-source contributions under your belt isn’t required, but it is a big plus.

    Our tech stack:

    • Ruby on Rails, Javascript

    • PostgreSQL, MongoDB

    • Nginx, Unicorn, AWS

    How will your working day look like

    You will start your day when you want in the morning and decide for yourself where you’re going to work. The whole team usually work remotely, but there are certain periods when we gladly go to our office in Ostrava, Czech Republic or Barcelona, Spain. 

    First thing in the morning, we have an asynchronous stand-up via Basecamp.

    We usually summarize the previous day’s issues as well as tasks for the current day at the stand-up. 

    Everyone then works on their assignments during the day, and any other potential communication is carried on via Basecamp/Github/Calls. Nobody checks anybody as for when and how they work – only the results are important. 

    During the day and at the end of it, we commit the work in a standard way to Github where another developer always performs code review for you after you have completed a task.

    Currently, we have 4-weeks long development cycles. The first week of the cycle is from a big part focused on planning and is, therefore, more meeting heavy than other weeks.

Remotive can help!

Not sure how to apply properly to this job? Watch our live webinar « 3 Mistakes to Avoid When Looking For A Remote Startup Job (And What To Do Instead) ».

Interested to chat with Remote workers? Join our community!