GitLab
Build software faster. The One DevOps Platform enables your entire org to collaborate around your code. We're hiring.
Senior Manager, Security Incident Response Team
Location
California
Posted
6 days ago
Salary
$168K - $280K / year
Bachelor Degree, English, AWS, Cloud, Cyber Security, Google Cloud Platform, Splunk
Job Description
• Serve as a trusted advisor as part of the security division’s leadership team, actively shaping the program direction.
• Build and mature incident response runbooks, procedures, and capabilities.
• Provide leadership to multiple security operations team shifts that will sometimes require you to work on nights or weekends.
• Develop a culture of incident response excellence through a focus on investigation depth and accuracy.
• Lead cross-functional collaboration between peer SecOps teams, security departments, and extended support teams such as Legal, Customer Support, and Infrastructure.
• Foster a defense-first mindset through actionable incident retrospective mitigations to close defense gaps, making GitLab a hard target for attackers.
• Lead a team of expert security engineers with experience in security automation, deep-dive forensics and incident response, AI detection and response capabilities, and GitLab the product.
• Support response readiness and expertise about new GitLab corporate and product capabilities and features.
• Drive insights from the alerts, investigations, and incidents handled by SIRT to improve the security posture of GitLab.
Job Requirements
- Experience assisting customers during high-visibility, high-urgency security incidents and being comfortable representing GitLab Security during customer cybersecurity questions and escalations.
- Proven ability to deliver results across a global incident response team of 10+ engineers, matrixed teams such as the Security division, and supporting R&D teams (Product, Engineering, Infrastructure, etc.).
- Proven experience in incident response leadership and large-scale incident coordination.
- Experience conducting investigations and log analysis using SIEM tools, such as Splunk or Elastic.
- Working knowledge of Google Cloud Platform (GCP) and/or AWS as well as cloud forensics.
- Proficiency in proactive hunting based on threat intelligence.
- Experience using GitLab (or a related DevSecOps platform like GitHub) for project tracking. Bonus points if you have experience responding to threats against a SaaS platform.
- A passion for investigation quality and depth of analysis, prioritizing quality over speed.
- Experience using AI/LLMs to automate and improve incident response processes and capabilities.
- An understanding of supply chain threats and how to defend a SaaS platform against such threats.
Benefits
- Benefits to support your health, finances, and well-being
- Flexible Paid Time Off
- Team Member Resource Groups
- Equity Compensation & Employee Stock Purchase Plan
- Growth and Development Fund
- Parental leave
- Home office support