Senior Backend Engineer (RoR), SSCS: Authorization
Verified Employer: GitLab
Job Description
As a Senior Backend Engineer on the Authorization team, you'll build and evolve the core systems that decide who can access what across the entire GitLab platform. You'll architect and implement next-generation authorization infrastructure, including policy-as-code approaches, fine-grained permissions, and performance optimizations at massive scale.
Your work directly impacts millions of users, from startups to large enterprises, enabling GitLab's move toward a zero-trust architecture while keeping authorization fast and secure. You'll work closely with Security, Database, and Platform teams to design capabilities that span various deployment models and multi-tenant environments.
Examples of our projects:
Implementing fine-grained permissions for Job Tokens, Personal Access Tokens, and the GitLab Duo agent platform.
Collaborating on Auth stack initiatives that evolve how authorization works across GitLab.
What You’ll Do
Implement Permission Systems: Build fine-grained permission systems for Job Tokens, Personal Access Tokens, the GitLab Duo Agent Platform, and other authentication mechanisms.
Cross-Functional Collaboration: Partner with Security, Authentication, Database, and Platform teams to align designs and implementation plans.
Performance Optimization: Solve complex challenges in authorization, including query optimization, caching strategies, and database decomposition in PostgreSQL.
System Evolution: Design authorization systems that work across multiple deployment models and multi-tenant architectures while maintaining reliability.
Technical Leadership: Drive improvements to authorization security and maintainability through code review, documentation, and mentorship.
Strategic Architecture: Contribute to long-term architectural decisions, balancing immediate needs with future scalability.
Mentor Engineers: Support others in authorization patterns, policy-based access control, and secure coding practices in an asynchronous environment.
What You’ll Bring
Backend Expertise: Professional experience building and maintaining production applications with Ruby on Rails or similar frameworks.
Authorization Knowledge: Strong understanding of RBAC, ABAC, and fine-grained permission patterns.
Scalable System Design: Experience optimizing high-scale backend systems, specifically PostgreSQL performance tuning and query optimization.
Policy-as-Code: Familiarity with or interest in modern policy languages such as Cedar or Rego.
Security Fundamentals: Understanding of threat modeling, least-privilege access, and zero-trust architectures.
Cloud Architecture: Experience with distributed systems and service-to-service communication in multi-tenant environments.
Ownership: Ability to drive complex technical initiatives from design through deployment in an asynchronous, remote setting.
About the Team
The Authorization team designs and maintains the permission systems that control access across the GitLab platform. We lead the evolution of our architecture toward modern policy-as-code approaches and flexible access control for customers of all sizes. We collaborate asynchronously across time zones to align on identity, data modeling, and threat modeling needs.
Required Skills
Experience Level
Senior Level