The GitLab DevSecOps platform empowers 100,000+ organizations to deliver software faster and more efficiently. We are one of the world’s largest all-remote companies with 2,000+ team members and values that foster a culture where people embrace the belief that everyone can contribute. Learn more about Life at GitLab.
The Security Incident Response Team - SIRT is on the forefront of active security events that impact both GitLab.com and GitLab the company. Our vision is to detect security incidents before they happen and to respond promptly when they do happen. We ensure maximum operational uptime of mission critical infrastructure and informational assets in its daily operations. This mission is achieved by providing effective crisis response, timely distribution of security notifications, continuous monitoring of potential issues, postmortem of major incidents for training and environmental awareness. You will be leading a team of Security Engineers responsible for building and maintaining the tools we use to detect and respond to emerging threats in efficient and scalable ways, respond to security incidents and drive them to resolution, and develop and deploy preventative security measures for the GitLab organization and GitLab.com.
- Hire a world class team of security engineers to work on their team
- Help their team grow their skills and experience
- Provide input on security architecture, issues, and features
- Hold regular 1:1's with all members of their team
- Create a sense of psychological safety on their team
- Be your team's role model in terms of positive thinking, de-escalating conflict, and taking time off
- Identify the need to, and drive the implementation of security-related technical and process improvements
- Author project plans for security initiatives
- Draft and successfully deliver on quarterly OKRs
- Train team members to screen candidates and conduct engineering interviews
- Build a substantial, collaborative partnership with Legal, Infrastructure, Development and Product departments
- Assume the role of an Incident Manager during larger security events
- Proven track record as an experienced member of Security Operations or Incident Response teams - either as an Individual Contributor or as a Manager
- Hands-on experience with Security Information and Event Management (SIEM) tools
- Experience with leading Security or security-focused Site Reliability teams
- Excellent written and verbal communication skills, especially experience with executive-level communications
- Capability to make concrete progress in the face of ambiguity and imperfect knowledge
- Being comfortable with often not being in control of their time (because security events don't care about anyone's plans)
- Willingness to be part of the Security Manager On-Call rotation
- Robust understanding of security issues, mitigations, and a solid grasp of the current global threat landscape
- Experience with the role of an incident manager during medium and large scale security events
- First hand experience with major cloud providers - GCP, AWS, Azure, Digital Ocean
- Alignment with Manager responsibilities as outlined in Leadership at GitLab
Candidates for this position can expect the hiring process to follow the order below. Please keep in mind that candidates can be declined from the position at any stage of the process.
- Qualified candidates will be invited to schedule a 30-45 minute screening call with one of our Global Recruiters.
- Next, candidates will be invited to schedule an interview with Security Incident Response Team Manager
- Candidates will then be invited to schedule an interview with the other Managers in the SIRT
- Candidates will then be invited to schedule an interview with the Department Head
Additional details about our process can be found on our hiring page.
Country Hiring Guidelines
GitLab hires new team members in countries around the world. All of our roles are remote, however, some roles may carry specific location-based eligibility requirements. This role is open for team members based in Hawaii, US only.
Country Hiring Guidelines: GitLab hires new team members in countries around the world. All of our roles are remote, however some roles may carry specific location-based eligibility requirements. Our Talent Acquisition team can help answer any questions about location after starting the recruiting process.
GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during the recruiting process.