The GitLab DevOps platform empowers 100,000+ organizations to deliver software faster and more efficiently. We are one of the world’s largest all-remote companies with 1,600+ team members and values that guide a culture where people embrace the belief that everyone can contribute.
Location - This position is 100% remote, based in North America.
The Manager, IT Security Operations job family leads a team of highly-collaborative and results-oriented IT Security and IT Compliance team members tasked with assessing, identifying gaps, and developing and maturing Security and Compliance processes and policies. The Manager, IT Security Operations is in charge of scaling, increasing performance, providing team leadership and guidance to help evolve the security programs in accordance with strategic objectives, identify and engineer technology initiatives, and develop and enhance defensive measures.
Don’t have a ton of knowledge about GitLab yet? Don’t worry. We have an extensive onboarding and training program at GitLab and you will be provided with necessary DevOps and GitLab knowledge to fulfil your role.Responsibilities
- Lead a team of highly capable Security engineering staff who maintain security for system environments (Mac OS X, Windows, LINUX, AWS, GCP VDI etc.)
- Ability to mentor and have the capability influencing the group.
- Create and drive proactive monitoring and reporting for endpoint and system health including, patching, compliance, and other performance metrics.
- Manage vulnerability remediation and incident handling across global resources
- Implement new security technologies as required to support a dynamic/challenging business environment
- Identify operational opportunities to implement security orchestration and automation capabilities
- Support InfoSec-managed tools and enforcement of global security controls
- Effectively provide general information security guidance & technology support to the business
- Manage on call schedule and incident escalations
- Maintain the day to day operations of configuration management platforms including application deployment and settings distribution
- Work as the escalation point between various teams for Security related activities.
- Drive client and system security model and best practices
- Drive business decisions through data using tools like Splunk
- Integrate with other internal systems and tools
- Manage transition plans for major upgrades or patches
- Diagnose and investigate unique and complex systemic problems
- Work proficiently with minimal daily guidance and bring mature seasoned skills when working
- Evaluate and communicate security risk to a wide and varying audience
- 5+ years leadership experience, with an IT Security focused role
- Experience executing in a cloud first technology organization
- Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and can succinctly document technical details
- Experience evaluating risk and assigning risk ranking or ratings
- Must have demonstrated ability to articulate a vision, service roadmap and be able to communicate status of key milestones
- Familiar with security controls or concepts related to various security community groups or standards: CISSP Domains, NIST cybersecurity & privacy frameworks, CIS benchmarks, OSI model
- Proven experience within Incident Response situations and demonstrated ability to handle and maintain confidential information in a professional manner
- Must possess strong written and verbal communication skills, and be capable of understanding, documenting, communicating, and presenting technical issues in a non-technical manner to audiences with varying degrees of technical expertise
- Be a team player and enjoy collaborating on cross-functional teams
- Familiar with compliance and privacy regulations such as PCI, GDPR, CCPA, SOX, and other regulations/standards
- Leadership skills and the ability to mentor or provide guidance to teams
- CISSP, CCSP, or other relevant industry security-focused certifications preferred
- Bachelor’s Degree or equivalent work experience required
- Successful completion of a background check – see the GitLab Code of Business Conduct and Ethics.
- Leadership at GitLab
- Ability to use GitLab
- A shared interest in our values, and working in accordance with those values
Also, we know it’s tough, but please try to avoid the confidence gap. You don’t have to match all the listed requirements exactly to be considered for this role.Hiring Process
To view the full job description and hiring process, please view our handbook. Additional details about our process can also be found on our hiring page.Compensation
Country Hiring Guidelines: GitLab hires new team members in countries around the world. All of our roles are remote, however some roles may carry specific location-based eligibility requirements. Our Talent Acquisition team can help answer any questions about location after starting the recruiting process.
GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during the recruiting process.