GitLab is expanding its Software Supply Chain Security (SSCS) offering to address a massive market opportunity ($3-8B with 85% enterprise adoption projected by 2028). That opportunity is driven by regulatory mandates and widespread supply chain attacks, which together create an urgent need for a new type of security.
Requirements
- Product management experience owning complex security products, with a focus on software supply chain security or adjacent areas.
- Knowledge of software supply chain concepts such as provenance, attestation, signing and verification, and experience with frameworks like SLSA.
- Experience with dependency risk and software composition analysis (SCA), including working with or around dependency scanning, SBOM, and related tooling.
- Ability to translate highly technical topics into clear, value-focused narratives for different audiences, including customers and non-technical stakeholders.
- Experience collaborating with engineering, UX, and cross-functional partners to define roadmaps and ship iterative product improvements.
- Background in security, DevSecOps, or developer-focused products, or transferable experience in similarly technical B2B SaaS domains.
- Openness to learning new technologies and frameworks in the supply chain security space, and to contributing effectively in a globally distributed, asynchronous team environment.
Responsibilities
- Lead the end-to-end product strategy for the Software Supply Chain Security (SSCS) add-on, defining and evolving the vision across its main pillars.
- Drive discovery, prioritization, and delivery for capabilities such as dependency firewall, SBOM, malicious package detection, and provenance/attestation, based on customer needs and business impact.
- Collaborate with engineering managers and engineers to break down complex supply chain security concepts into clear requirements and iterative roadmaps.
- Engage directly with customers and prospects to explain SSCS and SLSA framework concepts in accessible language, gather feedback, and translate it into product improvements.
- Analyze market trends and competitive offerings in software composition analysis (SCA), software supply chain security, and related areas to inform positioning and backlog decisions.
- Define and track product success signals and operational metrics for the SSCS add-on, using data to guide trade-offs and communicate outcomes to leadership.
- Represent the SSCS domain internally as a subject matter expert, creating simple visuals, narratives, and documentation that help teams across GitLab understand the value and direction of the product.
Other
- Partner with cross-functional stakeholders in sales, customer success, and support to understand use cases, validate demand (for example, large ACV opportunities), and enable successful adoption.
- Contribute effectively in a globally distributed, asynchronous team environment.
- GitLab is proud to be an equal opportunity workplace and is an affirmative action employer.
- GitLab will not tolerate discrimination or harassment based on any of these characteristics.
- If you have a disability or special need that requires accommodation, please let us know during the recruiting process.