Senior Backend Engineer, SSCS: AI Governance

As a Senior Backend Engineer, AI Governance at GitLab, you will help build the backend systems behind a paid product for regulated enterprise organizations. This role sits at the intersection of AI, governance, and enterprise backend engineering, providing customers with visibility, policy controls, and compliance evidence for AI use within the software development lifecycle.

You will contribute across the AI Governance product surface, working on audit event ingestion, role-based access control (RBAC), and governance features for the Model Context Protocol (MCP) registry. This is a high-impact role where product requirements are shaped by emerging AI regulations and enterprise governance needs.

What You’ll Do

• Audit Pipeline: Implement and evolve the AI audit event pipeline, including event ingestion, schema normalization, storage design, and export capabilities.

• Access Control: Integrate permissions for audit logs, policy configuration, and dashboards into GitLab's existing authorization model.

• Agent Artifacts: Build backend functionality to support structured storage and retrieval of AI agent run metadata alongside existing CI/CD artifacts.

• Registry Governance: Build backend services for the MCP registry, including tool metadata and enforcement controls to restrict or block access.

• Data Optimization: Design and optimize data models for high-write, event-heavy systems using PostgreSQL and ClickHouse.

• Architecture & Testing: Contribute to architecture decisions and maintain rigorous RSpec and integration test coverage.

What You’ll Bring

• Backend Expertise: Extensive experience building backend applications with Ruby on Rails in production environments.

• AI Infrastructure: Proficiency in Python and experience building services that support AI gateways or adjacent infrastructure.

• Database Skills: Extensive experience with PostgreSQL and ClickHouse, specifically regarding schema design, partitioning, and high-volume event workloads.

• API Design: Experience building REST or GraphQL APIs for reliable storage and retrieval workflows.

• Governance Knowledge: Solid understanding of authorization, RBAC, and enterprise governance requirements (e.g., audit trails, retention, telemetry).

• Communication: Clear written communication skills for an async-first, remote environment.

About the Team

The AI Governance team focuses on helping organizations gain visibility into AI usage inside GitLab. We work on two broad areas: visibility (audit events, usage tracking) and policy controls (compliance requirements). We collaborate closely with adjacent AI and Continuous Delivery teams to integrate these capabilities deeply into the GitLab platform.