Tech Stack
Tag name is followed by "@" symbol and proficiency level value.
About proficiency levels:
- 1-2 — basic awareness. Minimal hands-on experience, and a rudimentary understanding of the technology's purpose;
- 3-6 — daily use. Comfortable and regular usage, capable of handling common tasks and challenges related to the technology;
- 7-9 — you are an expert, you can teach others, you know all the pitfalls and tricks;
- 10 — exceptional knowledge, comprehensive understanding, and adeptness in all aspects of the technology, including advanced problem-solving. Think twice before claiming or demanding such level.
AI @ 3
AWS @ 3
Communication @ 3
Customer Support @ 3
GCP @ 3
Hiring @ 3
LLM
Leadership @ 3
People Management @ 3
Security @ 3
Splunk @ 3
- 1-2 — basic awareness. Minimal hands-on experience, and a rudimentary understanding of the technology's purpose;
- 3-6 — daily use. Comfortable and regular usage, capable of handling common tasks and challenges related to the technology;
- 7-9 — you are an expert, you can teach others, you know all the pitfalls and tricks;
- 10 — exceptional knowledge, comprehensive understanding, and adeptness in all aspects of the technology, including advanced problem-solving. Think twice before claiming or demanding such level.
Details
GitLab is hiring a manager to lead the Security Incident Response Team (SIRT) in the Americas region. SIRT manages and investigates cybersecurity incidents across GitLab operating environments and operates in a tierless SOC model. The team is responsible for threat hunting, alert triage, security investigations, deep-dive DFIR, and large-scale incident response. This role emphasizes incorporating AI and automation into team workflows and requires availability during US West Coast business hours.
Responsibilities
- Manage day-to-day team operations: establish goals, performance expectations, and accountability; monitor progress and ensure timely delivery of quality results.
- Develop and coach incident responders: provide candid, real-time feedback; advise on career growth; foster a culture of investigation excellence prioritizing depth and accuracy.
- Participate in hiring and proactively fill talent gaps to raise the team's technical bar.
- Drive engagement and retention: recognize contributions and address engagement risks early.
- Cascade organizational context: translate division and company strategy into clear, actionable team priorities.
- Implement and mature incident response processes: build and improve runbooks, procedures, and team capabilities.
- Lead incident response: serve as escalation point and incident commander for high-severity events (occasional nights/weekends may be required).
- Enable cross-functional collaboration with peer SecOps teams, Legal, Customer Support, and Infrastructure to resolve incidents and close defense gaps.
- Align the team on defensive improvements: drive insights from alerts, investigations, and incidents to improve GitLab's security posture and support a "shift left" mindset.
- Champion remote-first practices and model GitLab's async communication norms and handbook-first culture.
Requirements
- Proven people management experience managing and developing security engineers, setting performance expectations, providing coaching, and driving accountability.
- Incident response leadership with experience leading complex incident response operations and the full lifecycle from triage to retrospective.
- Hands-on technical background conducting security investigations and log analysis using SIEM tools (e.g., Splunk, Elastic).
- Working knowledge of GCP and/or AWS, including cloud forensics.
- Comfortable representing GitLab Security during customer escalations and high-visibility cybersecurity discussions (customer-facing credibility).
- Proficiency in proactive threat hunting and familiarity with threat intelligence and supply chain threats targeting SaaS platforms.
- Experience using AI/LLMs and automation to improve incident response workflows and automate repetitive processes.
- Familiarity with GitLab or comparable DevSecOps platforms; bonus for experience responding to threats against a SaaS platform.
- Ability to prioritize under pressure and make sound operational decisions quickly.
- Due to government requirements, applicants must be United States citizens.
Location & Hours
- Remote (United States). Candidates must be based in the US and be available during US West Coast business hours; West Coast–based candidates preferred. Some after-hours and weekend coverage may be required.
Compensation
- United States base salary range: $150,000 - $235,000 USD (base salary only; does not include bonuses, equity, or benefits).
About the Team
- SIRT is a globally distributed team across AMER, APAC, and EMEA. The team responds to security alerts, leads security investigations, conducts threat hunts, collaborates on purple teaming exercises, builds threat detections, improves telemetry, and investigates trending threats.
Benefits
- Flexible Paid Time Off and benefits supporting health, finances, and well-being.
- Team Member Resource Groups, Equity Compensation & Employee Stock Purchase Plan, Growth and Development Fund, Parental Leave.
More jobs at GitLab
Senior Threat Intelligence Engineer
GitLab · India, United States, Canada
USD 140,000-200,000 per year
Lead, Learning Architecture & AI Enablement
GitLab · United States, Canada
USD 0 per year
Support Engineer, U.S. Government Support
GitLab · United States
USD 95,200-160,800 per year
Hyperscaler Operations Manager
GitLab · United States, Canada
USD 104,800-176,400 per year
Revenue Analytics Manager
GitLab · United States, Canada
USD 126,400-213,600 per year
Similar jobs
Senior Software Engineer
SentinelOne · United States
USD 132,000-182,000 per year
Staff Software Engineer, Machine Learning Platform
Stripe · South San Francisco, United States, Seattle, United States
USD 224,000-336,000 per year
Staff + Sr. Software Engineer, Cloud Inference Launch Engineering
Anthropic · San Francisco, United States
USD 320,000-485,000 per year
AI Engineer
Stripe · Chicago, United States
USD 126,600-235,300 per year
Principal ML Solutions Architect - Token Factory
Nebius · United States
USD 208,000-261,000 per year
Senior Director, Enterprise Networking
Nvidia · Santa Clara, United States
USD 332,000-500,200 per year
Application Security Engineer
SpaceXAI · Palo Alto, United States
USD 200,000-340,000 per year
Designated Technical Support Engineer
Glean · Palo Alto, United States
USD 120,000-190,000 per year