Intermediate Backend Engineer - Govern: Authorization

An overview of this role

Help us build and iterate on our RBAC (role based access control) system. Our team’s primary responsibility is to flush out our authorization system to give customers full control over their member access. From zero to owner.

Custom roles allow an organization to create user roles with the precise privileges and permissions required for that organization’s needs. It’s a valuable, paid feature that our customers want more of. 

Beyond implementing custom permissions, and building features to help owners discover and manage their team, you’ll make architecture decisions to ensure the scalability and performance of the product. We’re at the earlier stages of the feature, and there’s a lot of choices for you to influence, including conventions, design patterns, and development guidelines.

Do you ever get bored working in the same problem space? So do we. This opportunity is unique in that you’ll have opportunities to jump over to our “sister” team Anti-abuse to work on more security focused features. Help your fellow teammates in the battle against crypto-mining by leveraging risk models, identity verification, and pipeline verification and analysis.

What You’ll Do

• Build and iterate on our RBAC system by implementing custom permissions.

• Build features to help owners discover and manage their team.

• Make decisions on the conventions, design patterns and development guidelines to ensure the growth of Custom Roles.

• Collaborate with team members in the refinement process.

• Collaborate with product counterpart on milestone planning.

• Weekly sync call with the group, and manager.

• Participate in working with other teams when workload or incidents require it.

What You’ll bring

• Significant professional experience with Ruby on Rails

• Strong experience with relational databases (postgres preferred)

• Experience with RBAC, ABAC

• Experience with OAuth, SAML, SCIM, LDAP

About the Team

The Authorization group is responsible for ensuring that an authenticated user has access to the proper resources within the application. We are focused on making our customizable permissions offering more robust by adding additional granular permissions every milestone. We are also making it more scalable by adding functionality like SAML group sync and LDAP role assignment support.

You can read about the work that the team is doing here . 

How GitLab will support you

• Benefits to support your health, finances, and well-being

• All remote , asynchronous work environment

• Flexible Paid Time Off

• Team Member Resource Groups

• Equity Compensation & Employee Stock Purchase Plan

• Growth and development budget 

• Parental leave  

• Home office support

Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to assess your application.