
Gitlab · Remote
GitLab is the intelligent orchestration platform for DevSecOps. GitLab enables organizations to increase developer productivity, improve operational efficiency,...
GitLab is the intelligent orchestration platform for DevSecOps. GitLab enables organizations to increase developer productivity,
improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 50 million
registered users and more than 50% of the Fortune 100* trust GitLab to ship better, more secure software faster.
The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier,
with all team members expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact. GitLab is
where careers accelerate, innovation flourishes, and every voice is valued. Our high-performance culture is driven by our
values and continuous knowledge exchange, enabling our team members to reach their full potential while collaborating with
industry leaders to solve complex problems. Co-create the future with us as we build technology that transforms how the world
develops software.
refers to the top 20% ranked companies in the 2025 Fortune 500 list, published in June 2025. Fortune and Fortune Media IP Limited
are not affiliated with, and do not endorse products or services of GitLab.
As a Senior Manager, Security Compliance at GitLab, you'll lead and mature our security compliance function while helping the
company meet the needs of customers, auditors, and regulators across a growing set of security and compliance requirements.
Reporting to the VP of Security Assurance, you'll bring deep expertise in security frameworks, risk-based thinking, and team
leadership to guide our certification strategy and strengthen how we manage compliance across the business.
In this role, you'll work across Security, Legal, IT, Product, and Engineering to evolve a compliance program that supports both
strong security outcomes and business growth. You'll help shape a roadmap that keeps pace with emerging regulations and
frameworks, while also improving how the team works through automation, artificial intelligence, and scalable processes. This role
is a strong fit for someone who can balance strategic leadership with operational excellence and who sees compliance as an
important customer trust and sales enabler.
frameworks while improving the way control testing and assurance activities are performed
and more time on high-value risk analysis and program maturity
high-performing function.
Control 2 (SOC 2), Payment Card Industry (PCI), TiSAX, Cyber Essentials, and Federal Risk and Authorization Management Program
(FedRAMP).
compliance requirements into business processes and technical systems.
compliance workflows, including compliance-as-code and policy-as-code practices.
and prepare the business for new requirements.
certification reviews, and penetration tests.
and giving leadership clear visibility into progress and risk.
internal teams, customers, and senior stakeholders, while helping strengthen GitLab's voice in the broader security market.
supporting external audits.
Technology (NIST), with public sector or FedRAMP experience preferred.
partnerships across a distributed organization.
to apply that knowledge in a fast-moving technology environment.
improvement.
compliance programs.
clearly to auditors, customers, executives, and cross-functional partners.
Manager (CISM), Certified Information Systems Auditor (CISA), or similar credentials are highly desirable.
Due to government requirements, you must be a United States Citizen (defined as any individual who is a citizen of the United
States by law, birth, or naturalization) to fill this position.
The Security Assurance organization helps GitLab build and maintain trust by strengthening how we approach security, compliance,
and assurance across the company. Within that group, the security compliance function works at the intersection of customer trust,
regulatory readiness, operational rigor, and business growth. The team partners broadly across GitLab to help ensure our controls,
certifications, and assurance activities support both secure operations and the needs of a global business.
The base salary range for this role’s listed level is currently for residents of the United States only. This range is intended to
reflect the role's base salary rate in locations throughout the US. Grade level and salary ranges are determined through
interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members,
alignment with market data, and geographic location. The base salary range does not include any bonuses, equity, or benefits. See
more information on our benefits and equity. Sales roles are also eligible for incentive pay targeted at up to 100% of the offered
base salary.
United States Salary Range
Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet
every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a
job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to
assess your application.
Country Hiring Guidelines: GitLab hires new team members in countries around the world. All of our roles are remote, however some
roles may carry specific location-based eligibility requirements. Our Talent Acquisition team can help answer any questions about
location after starting the recruiting process.
Privacy Policy: Please review our Recruitment Privacy Policy. Your privacy is important to us.
GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices
relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit,
regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender
expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including
family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently
separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis
protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s
EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during
the recruiting process.
GitLab is the intelligent orchestration platform for DevSecOps. GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 50 million registered users and more than 50% of the Fortune 100* trust GitLab to ship better, more secure software faster. The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier, with all team members expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact. GitLab is where careers accelerate, innovation flourishes, and every voice is valued. Our high-performance culture is driven by our values and continuous knowledge exchange, enabling our team members to reach their full potential while collaborating with industry leaders to solve complex problems. Co-create the future with us as we build technology that transforms how the world develops software. *Fortune 500® is a registered trademark of Fortune Media IP Limited, used under license. Claim based on GitLab data. Fortune 100 refers to the top 20% ranked companies in the 2025 Fortune 500 list, published in June 2025. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of GitLab. OVERVIEW OF THE ROLE The Senior Manager, Customer Trust & Security Governance helps GitLab turn security into a clear business enabler. In this role, you will oversee the programs that help our customers and prospects assess our security posture, reduce friction in our sales cycle, strengthen our security policy and standards, and make security outcomes visible across the business. Reporting to the VP of Security Assurance, you will own a broad scope across customer trust, governance, metrics, and security awareness, with a focus on building durable processes, improving documentation, and using automation and AI to help our team spend more time on high-value work. In your first year, you will shape how GitLab addresses customer security needs at scale, mature the security governance program, and improve how security is measured and communicated internally. You will work across Security, Sales, Legal, Product, Procurement, and other business partners, and you will help strengthen confidence in GitLab's AI-powered DevSecOps platform through practical guidance, clear standards, and thoughtful execution. WHAT YOU’LL DO * Lead the customer trust function for contract reviews, security questionnaires, requests for proposals, and related customer and vendor security inquiries. * Set direction, priorities, and operating practices that help the team respond effectively while reducing friction in the sales cycle. * Partner with Legal, Sales, Product, and Procurement to review and negotiate security-related terms in revenue and vendor agreements. * Manage escalations for complex security questionnaires, risk assessments, and contract issues, and guide teams toward practical solutions. * Develop and improve security templates, playbooks, fallback positions, and training materials that support faster, more consistent negotiations. * Build and maintain GitLab's library of security policies and collaborate with security subject matter experts to mature security standards. * Drive the security metrics and reporting program, including preparation and facilitation for quarterly business reviews. * Oversee an engaging security awareness program and use automation and AI tooling to improve workflows, documentation, and team effectiveness. WHAT YOU’LL BRING * Extensive experience leading security governance or customer-facing security programs in a complex, cross-functional environment. * Knowledge of security and compliance frameworks such as SOC 2, ISO 27001, FedRAMP, GDPR, and NIST. * Ability to review and negotiate security and privacy terms in contracts, with a practical approach to balancing risk and business needs. * Understanding of cloud security, software as a service security models, and DevSecOps practices. * Skill in translating technical security concepts into clear guidance for customers, executives, and internal partners. * Experience building or improving security policies, standards, metrics, reporting, or awareness programs. * Comfort working asynchronously with teams across Security, Sales, Legal, Product, and Engineering, and collaborating through written communication. * Openness to using automation and AI to improve scale and consistency, and to applying transferable experience from adjacent security, governance, or trust roles. DUE TO GOVERNMENT REQUIREMENTS, YOU MUST BE A UNITED STATES CITIZEN (DEFINED AS ANY INDIVIDUAL WHO IS A CITIZEN OF THE UNITED STATES BY LAW, BIRTH, OR NATURALIZATION) TO FILL THIS POSITION. ABOUT THE TEAM The team is responsible for helping GitLab demonstrate and operationalize trust through customer-facing security support, internal governance, measurable security outcomes, and security awareness. It works across regions in an asynchronous way and partners closely with Security, Sales, Legal, Product, Procurement, and Engineering to make security clear, practical, and scalable. This team supports both business velocity and sound governance by improving how GitLab responds to customer requirements, maintains security standards, and communicates progress. The base salary range for this role’s listed level is currently for residents of the United States only. This range is intended to reflect the role's base salary rate in locations throughout the US. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, alignment with market data, and geographic location. The base salary range does not include any bonuses, equity, or benefits. See more information on our benefits and equity. Sales roles are also eligible for incentive pay targeted at up to 100% of the offered base salary. United States Salary Range $168,000—$245,000 USD HOW GITLAB SUPPORTS FULL-TIME EMPLOYEES * Benefits to support your health, finances, and well-being * Flexible Paid Time Off * Team Member Resource Groups * Equity Compensation & Employee Stock Purchase Plan * Growth and Development Fund * Parental Leave Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to assess your application. ---------------------------------------------------------------------------------------------------------------------------------- Country Hiring Guidelines: GitLab hires new team members in countries around the world. All of our roles are remote, however some roles may carry specific location-based eligibility requirements. Our Talent Acquisition team can help answer any questions about location after starting the recruiting process. Privacy Policy: Please review our Recruitment Privacy Policy. Your privacy is important to us. GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during the recruiting process.
GitLab is the intelligent orchestration platform for DevSecOps. GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 50 million registered users and more than 50% of the Fortune 100* trust GitLab to ship better, more secure software faster. The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier, with all team members expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact. GitLab is where careers accelerate, innovation flourishes, and every voice is valued. Our high-performance culture is driven by our values and continuous knowledge exchange, enabling our team members to reach their full potential while collaborating with industry leaders to solve complex problems. Co-create the future with us as we build technology that transforms how the world develops software. *Fortune 500® is a registered trademark of Fortune Media IP Limited, used under license. Claim based on GitLab data. Fortune 100 refers to the top 20% ranked companies in the 2025 Fortune 500 list, published in June 2025. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of GitLab. AN OVERVIEW OF THIS ROLE As the Senior Product Manager, AI Platform Management at GitLab, you'll help define how platform teams safely operate and govern agentic AI at scale. This role sits at the center of GitLab's AI platform direction, where you'll shape the product strategy for the AI Control Plane and the foundational services that support the Agentic Factory. You'll work on problems that matter to enterprise customers, including governance, policy enforcement, auditability, and safe agent execution across fast-changing AI ecosystems. You'll partner closely with Engineering, Design, Go-to-Market teams, and GitLab's top enterprise customers to turn complex platform and compliance needs into clear product direction. This is a role for someone who can think in systems, make choices in ambiguity, and balance near-term delivery with long-term platform architecture. In your first year, you'll focus on validating customer needs, refining the roadmap for core control plane capabilities, and helping GitLab build a strong product foundation for human-agent collaboration. WHAT YOU’LL DO * Drive product strategy and execution for GitLab's AI Platform Management area, with a focus on governance, control, and platform services for agentic AI. * Own the AI Control Plane as the central experience for platform teams to define guardrails, configurations, governance policies, and audit evidence around agent activity. * Own the foundational control plane services for the Autonomous Factory, including the Flow Execution Engine, the Constraint & Policy Store, and the Audit Log Service. * Conduct competitive analysis across AI agent execution platforms, large language model providers, and adjacent market alternatives to inform product direction and differentiation. * Identify customer problems and monetization opportunities, develop solution concepts, and validate them through close partnership with field teams and customers. * Engage directly with GitLab's top enterprise customers for product discovery, research, design partnership, and ongoing feedback loops. * Translate governance, compliance, and enterprise platform requirements into clear product requirements, priorities, and acceptance criteria for cross-functional teams. * Communicate product narrative, strategy, tradeoffs, and roadmap updates effectively with internal leaders and customer stakeholders. WHAT YOU’LL BRING * Product management experience owning platform or governance products in a B2B SaaS environment, with the ability to drive strategy and execution in complex technical domains. * Experience shipping foundational services with downstream integration points, not just features layered on top of existing systems. * Strong platform product instincts and the ability to balance short-term roadmap needs with longer-term architectural direction. * Deep knowledge of enterprise governance concepts such as software development lifecycle governance, policy as code, enforcement patterns, and audit trail completeness in regulated environments. * Fluency in agentic AI concepts at the platform level, including harnesses, context, tools, MCP, skills, agent identity, registration, and session lifecycle. * Hands-on experience with AI agent platforms or major AI providers such as OpenAI, Claude, Amazon Bedrock, Vertex, or similar ecosystems. * Working knowledge of compliance frameworks such as the EU AI Act, ISO 42001, SOC 2, HIPAA, or related standards, and the ability to map product capabilities to customer compliance requirements. * Strong executive communication skills and comfort operating in fast-moving, ambiguous spaces where priorities can shift while the strategic direction stays clear. About the team We are focused on building the platform capabilities that help GitLab support the next phase of AI-powered software development. You'll work with teammates who are solving hard product problems at the intersection of AI, platform architecture, enterprise governance, and customer confidence. Our work is highly cross-functional and has direct impact on how GitLab brings safe, manageable, and scalable agentic experiences to customers. We operate in GitLab's all-remote, asynchronous environment and work closely across Product, Engineering, Design, Sales, and customer-facing functions. You'll be part of a group that values clear thinking, direct communication, iteration, and strong ownership. Because this area is evolving quickly, we are focused on learning fast, staying close to customers, and building durable platform foundations that can adapt as AI protocols, governance expectations, and enterprise needs continue to change. HOW GITLAB SUPPORTS FULL-TIME EMPLOYEES * Benefits to support your health, finances, and well-being * Flexible Paid Time Off * Team Member Resource Groups * Equity Compensation & Employee Stock Purchase Plan * Growth and Development Fund * Parental Leave Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to assess your application. ---------------------------------------------------------------------------------------------------------------------------------- Country Hiring Guidelines: GitLab hires new team members in countries around the world. All of our roles are remote, however some roles may carry specific location-based eligibility requirements. Our Talent Acquisition team can help answer any questions about location after starting the recruiting process. Privacy Policy: Please review our Recruitment Privacy Policy. Your privacy is important to us. GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during the recruiting process.
THE MISSION OroraTech is a global intelligence-as-a-service company leveraging thermal data from space. As we continue to expand internationally and engage with governmental and regulated customers, compliance with export control regulations is becoming a strategic capability for our organization. We are looking for an experienced and pragmatic compliance leader to build and lead OroraTech's global Export Controls & Compliance function. You will establish and own OroraTech's global Export Control Compliance Program, ensuring the company can confidently operate across international markets while meeting applicable export control and regulatory requirements. Working closely with Legal, Product, Engineering, Sales, Operations, and external advisors, you will develop the governance, processes, and controls necessary to support the company's continued growth. This role is focused on building a scalable compliance framework rather than acting as a specialist in every jurisdiction. You will report directly to the CFO and serve as the central owner and driver of OroraTech's compliance activities. WHAT YOU’LL BE DOING Build and Scale the Compliance Function * Establish OroraTech's global Compliance Framework with immediate focus on Export Control Compliance Program. * Develop policies, procedures, governance structures, and internal controls. * Define compliance ownership and responsibilities across the organization. * Build scalable processes that support future growth across Europe, North America, and other international markets. * Create management reporting and compliance metrics. Export Controls * Lead export classification activities for products, software, technology, and services. * Assess applicability of: * EU Dual-Use Regulation * German BAFA requirements * U.S. EAR * U.S. ITAR * Canadian export control regulations * Develop and maintain technology transfer controls and related processes. * Support export licensing activities and interactions with relevant authorities. * Implement screening, due diligence, and recordkeeping procedures. * Advise business teams on export control implications of new products, partnerships, international opportunities, and customer engagements. Governance & Risk Management * Including cross-functional compliance topics (IT security compliance, whistleblowing, ESG-Compliance etc.) * Conduct compliance risk assessments. * Monitor regulatory developments and assess business impact. * Develop compliance training and awareness programs. * Coordinate internal reviews and remediation activities. * Maintain documentation and evidence required to demonstrate compliance. * Support leadership in evaluating compliance risks associated with strategic initiatives. Stakeholder & Advisor Management * Manage relationships with external law firms, compliance advisors, and specialized service providers. * Coordinate compliance initiatives across multiple jurisdictions and business functions. * Support customer due diligence and compliance reviews. * Translate regulatory requirements into practical and business-friendly processes. * Act as the primary internal point of contact for export control matters. RELEVANT SKILLS Required * 10+ years of experience in Export Controls, Regulatory Compliance, Government Compliance, or a related field. * Experience building, implementing, or scaling compliance programs and governance structures. * Strong knowledge of major export control frameworks (EU Dual Use/BAFA, EAR/ITAR). * Knowledge in setting up VS-NfD, SOC2, and NIS2. * Strong project management and stakeholder management skills. * Ability to translate complex regulatory requirements into practical and scalable business processes. * Experience working cross-functionally with Legal, Engineering, Product, Commercial, and Operations teams. * Excellent communication skills in German and English. * On-site presence 2-3 days per week in Munich required. Preferred * Experience e.g. in: * Space * Aerospace * Defense * Satellite Communications * Government Technology * Critical Infrastructure * Experience in a fast-growing technology company or scale-up environment. * Experience managing external legal counsel and compliance advisors. * Knowledge of both EU and U.S. export control frameworks. * Experience supporting international technology transfers, and hardware and software-based products. * Experience supporting government or defense-related programs. * Relevant certifications in export controls, compliance, risk management, or related disciplines. OUR BENEFITS At OroraTech, you can expect a down-to-earth, yet high-caliber work environment. You will become an integral part of the OroraTech satellite development - a talented, international, open-minded team that is highly motivated to create impact. OroraTech gives you the opportunity to grow on a professional and personal level. Be part of the solution to climate change. Our Benefits include: * A responsible position with individual autonomy and design freedom * Company pension scheme (bAV = Betriebliche Altersversorgung) * Company accident insurance (supplementary insurance for accidents during work and leisure time around the world 24/7) * Company international travel health insurance (supplementary insurance covering worldwide travel for business or leisure) * Flexible working hours and home office option (including working from other countries within the EU) * Corporate health benefit via discounted EGYM Wellpass subscription * Corporate mental health benefit via nilo * Corporate mobility benefit via supplementary payment for the DB Deutschland Ticket * Corporate lunch benefit via hrmony * Corporate bike leasing program via JobRad * Modern office at Neue Balan with a wonderful pool and campus area