GitLab 15.05.2026

Manager, Security Incident Response Team (USA)

Remote

Responsibilities

  • 01 Manage day-to-day team operations - establish clear goals, performance expectations, and accountability for direct reports; monitor progress and ensure timely delivery of quality results
  • 02 Develop and coach incident responders - provide candid, real-time feedback; advise on career growth; and foster a culture of investigation excellence, prioritizing depth and accuracy of analysis
  • 03 Proactively identify and fill talent gaps - participate in hiring decisions with a focus on candidates who will amplify GitLab's values and raise the team's technical bar
  • 04 Drive engagement and retention - recognize team member contributions, address engagement risks early, and create an environment of open feedback and psychological safety
  • 05 Cascade organizational context - translate division and company-wide strategy into clear, actionable team priorities; keep team members informed in a timely manner
  • 06 Implement and mature incident response processes - build and improve runbooks, procedures, and team capabilities that translate functional plans into tactical execution
  • 07 Lead incident response - serve as an escalation point and incident commander for high-severity events, including occasional nights and weekends; model the standard for quality investigations
  • 08 Enable cross-functional collaboration - coordinate effectively with peer SecOps teams, Legal, Customer Support, and Infrastructure to resolve incidents and close defense gaps through actionable retrospective mitigations
  • 09 Align the team on defensive improvements - drive insights from alerts, investigations, and incidents to improve GitLab's security posture and support a 'shift left' mindset
  • 10 Champion remote-first practices - consistently model and coach team members on GitLab's remote working best practices, async communication norms, and handbook-first culture

Requirements

  • 01 Proven people management experience - track record of managing and developing a team of security engineers, setting performance expectations, providing coaching, and driving accountability for results
  • 02 Incident response leadership - demonstrated experience leading complex incident response operations, including large-scale incident coordination and the full lifecycle from triage to retrospective
  • 03 Hands-on technical background - experience conducting security investigations and log analysis using SIEM tools (e.g., Splunk, Elastic); working knowledge of GCP and/or AWS, including cloud forensics
  • 04 Customer-facing credibility - comfortable representing GitLab Security during customer escalations and high-visibility cybersecurity discussions
  • 05 Proactive hunting and threat intelligence - proficiency in threat hunting based on intelligence, and familiarity with supply chain threats targeting SaaS platforms
  • 06 AI and automation mindset - experience using AI/LLMs to improve incident response workflows

Conditions

  • 01 This role requires availability during US West Coast business hours
  • 02 Some after-hours and weekend coverage may be required to support engineers during high-severity incidents
  • 03 Candidates based on the West Coast are preferred, though candidates in other time zones who are comfortable working these hours are also welcome to apply