Manager, Application Security (APAC)

Confirmed live in the last 24 hours

GitLab

Remote, Australia; Remote, India; Remote, Japan; Remote, Singapore; Remote, South Korea

Remote

Posted April 17, 2026

Job Description

GitLab is the intelligent orchestration platform for DevSecOps. GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 50 million registered users and more than 50% of the Fortune 100* trust GitLab to ship better, more secure software faster.

The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier, with all team members expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact. GitLab is where careers accelerate, innovation flourishes, and every voice is valued. Our high-performance culture is driven by our values and continuous knowledge exchange, enabling our team members to reach their full potential while collaborating with industry leaders to solve complex problems. Co-create the future with us as we build technology that transforms how the world develops software.

*Fortune 500® is a registered trademark of Fortune Media IP Limited, used under license. Claim based on GitLab data. Fortune 100 refers to the top 20% ranked companies in the 2025 Fortune 500 list, published in June 2025. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of GitLab.

An overview of this role

We are seeking a Security Manager, Application Security to drive the AppSec team at the tactical and operational level within the Security Platforms & Architecture (SPA) sub-department. The Application Security team is a key and critical stakeholder in securing GitLab’s product offerings.

In this role, you will manage and develop a team of Application Security Engineers (Intermediate through Staff) who perform security reviews, threat modeling, vulnerability triage, and secure design consultations across GitLab’s product surface. Your team is the front line of Product Security: the people reading the merge requests, talking to engineers, and evaluating features’ security posture before they are released to customers.

You will operate in an environment where feature delivery and platform capabilities are accelerating, architectures and technologies are evolving, and teams are continually balancing ambitious product goals with a strong security posture. In this context, you will help Product Security:

Ensure that material product security risks and tradeoffs are surfaced, acknowledged, and decided at the right leadership levels
Own operational execution for the team and ensure it operates through operational excellence.
Build capability across every team member through coaching, mentoring, and career development
Drive automation and AI-assisted enhancements of repeatable and time consuming work.

What you’ll do

Lead, develop, and mentor a team of Application Security Engineers focused on clearing roadblocks, career growth and development, coaching and mentoring.
Own the team’s operational cadence end to end: triage rotations, Application Security review queues, milestone planning.
Drive tactical execution of the Application Security program: scaling the team for non linear security gains, security reviews enhancements and secure design consultations for high-risk changes.
Lead AI adoption within the Application Security team: leverage AI-assisted/automated workflows for review triage, threat model generation, code analysis, and operational toil reduction. Champion practical AI use without losing critical thinking rigor.
Recommend and drive security-related technical and process improvements.
Author and execute project plans for security initiatives. Set schedules and assignments, anticipate roadblocks, and measure performance against goals.
Provide input on security architecture, features, and issues. Serve as a partner and enabler to Product and Engineering teams on application security decisions.
Partner with Security Architecture, Infrastructure Security, Security Research, and Security Operations on end-to-end risk reduction, aligning Application Security work with broader Product Security objectives.
Prepare and deliver meaningful, actionable metrics to Product Security leadership.
Hire and build a world-class team. Train team members to screen ca