Overview
Senior AI Product Security Researcher role at GitLab. GitLab is an open-core software company that develops an AI-powered DevSecOps Platform used by 100,000+ organizations. The team aims to enable collaboration between developers and AI agents while maintaining strong security across the platform.
The Security Platforms & Architecture Team seeks a senior security researcher to conduct cutting-edge security research on GitLab's AI-powered capabilities, proactively identifying and validating vulnerabilities before they impact the platform or customers.
What You'll Do
* Identify and validate security vulnerabilities in GitLab\'s AI systems through hands-on testing, developing proof-of-concept exploits that demonstrate real-world attack scenarios
* Execute comprehensive penetration testing targeting AI agent platforms, including prompt injection, jailbreaking, and workflow manipulation techniques
* Research emerging AI security threats and attack techniques to assess their potential impact on GitLab\'s AI-powered platform
* Design and implement testing methodologies and tools for evaluating AI agent security and multi-agent system exploitation
* Create detailed technical reports and advisories that translate complex findings into actionable remediation strategies
* Collaborate with AI engineering teams to validate security fixes through iterative testing and verification
* Contribute to the development of AI security testing frameworks and automated validation tools
* Partner with Security Architecture to inform architectural improvements based on research findings
* Share knowledge and mentor team members on AI security testing techniques and vulnerability discovery
What You'll Bring
* 5+ years of experience in security research, penetration testing, or offensive security roles, with demonstrated expertise in AI/ML security
* Hands-on experience discovering and exploiting vulnerabilities in AI systems and platforms
* Strong understanding of AI attack vectors including prompt injection, agent manipulation, and workflow exploitation
* Proficiency in Python with experience in AI frameworks and security testing tools
* Experience with offensive security tools and vulnerability discovery methodologies
* Ability to read and analyze code across multiple languages and codebases
* Strong analytical and problem-solving skills with creative thinking about attack scenarios
* Excellent written communication skills for documenting technical findings and creating security advisories
* Ability to translate technical findings into clear risk assessments and remediation recommendations
Nice To Have Qualifications
* Direct experience testing AI agent platforms, conversational AI systems, or AI orchestration architectures
* Published security research or conference presentations on AI security topics
* Background in software engineering with distributed systems expertise
* Security certifications such as OSCP, OSCE, GPEN, or similar
* Experience with GitLab or similar DevSecOps platforms
* Knowledge of AI agent communication protocols and multi-agent architectures
About The Team
Security Researchers are part of the Security Platforms and Architecture team, addressing complex security challenges to enable GitLab to be the most secure software factory platform. The team focuses on systemic product security risks and works cross-functionally to mitigate them while maintaining Engineering\'s development velocity.
How GitLab Will Support You
* Benefits to support your health, finances, and well-being
* All remote, asynchronous work environment
* Flexible Paid Time Off
* Team Member Resource Groups
* Equity Compensation & Employee Stock Purchase Plan
* Growth and Development Fund
* Parental leave
* Home office support
Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply unless they meet every single qualification. If you\'re excited about this role, please apply and allow our recruiters to assess your application.
The base salary range for this role\'s listed level is currently for residents of listed locations only. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, and alignment with market data. See more information on our benefits and equity. Sales roles are also eligible for incentive pay targeted at up to 100% of the offered base salary.
California/Colorado/Hawaii/New Jersey/New York/Washington, DC/Illinois/Minnesota pay range
$124,000—$266,400 USD
Country Hiring Guidelines: GitLab hires new team members in countries around the world. All roles are remote, but some roles may have location-based eligibility requirements. Our Talent Acquisition team can answer questions about location after starting the recruiting process.
Privacy Policy: Please review our Recruitment Privacy Policy. Your privacy is important to us.
GitLab is proud to be an equal opportunity workplace and an affirmative action employer. Our policies and practices are based on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information, discharge status from the military, protected veteran status, or any other basis protected by law. We will not tolerate discrimination or harassment based on these characteristics. See also GitLab\'s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during the recruiting process.
#J-18808-Ljbffr