VP, Corporate Security

at GitLab

📍 United States

USD 297,600-360,000 per year

MIDDLE

✅ Remote

Used Tools & Technologies

Not specified

Required Skills & Competences
Tag name is followed by "@" symbol and proficiency level value. About proficiency levels:

1-2 — basic awareness. Minimal hands-on experience, and a rudimentary understanding of the technology's purpose;

3-6 — daily use. Comfortable and regular usage, capable of handling common tasks and challenges related to the technology;

7-9 — you are an expert, you can teach others, you know all the pitfalls and tricks;

10 — exceptional knowledge, comprehensive understanding, and adeptness in all aspects of the technology, including advanced problem-solving. Think twice before claiming or demanding such level.

Security @ 3 Leadership @ 3 Communication @ 6 Slack @ 3 OAuth @ 6 macOS @ 3 Audit @ 3 Compliance @ 3

Details

GitLab is the intelligent orchestration platform for DevSecOps. GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 50 million registered users and more than 50% of the Fortune 100 trust GitLab to ship better, more secure software faster.

The Corporate Security organization at GitLab leads Identity Engineering, Corporate Security Engineering, and End User Services to secure workforce identity, internal systems, endpoints, and core business applications. This team enables GitLab team members to work productively and securely through engineering ownership across identity, device trust, SaaS, platform, and internal security controls in an all-remote environment.

Responsibilities

Set the vision and operating model for Corporate Security across engineering, identity, endpoint and device security, and end-user services, aligning security outcomes with productivity and service quality.
Lead a globally distributed, multi-disciplinary organization through clear roadmaps, strong managers, measurable priorities, and high operational standards.
Own GitLab’s internal identity and access strategy across Okta, lifecycle automation, RBAC and ABAC, administrative access controls, cloud access governance, and the ongoing evolution of Identity v3.
Drive secure-by-default endpoint and device strategy across GitLab’s fleet, with particular strength in macOS, endpoint hardening, configuration management, telemetry, detection partnerships, and engineering-led change control.
Oversee end-user services and internal IT support for the company, including access management, hardware support, and support for core applications such as Google Workspace, Slack, and Zoom, while improving helpdesk effectiveness and service experience.
Build scalable onboarding, offboarding, and role-change processes that reduce risk, improve auditability, and remove friction for team members and business stakeholders.
Partner cross-functionally with Security, IT, Engineering, People, Compliance, Finance, and Legal to translate business and regulatory requirements into pragmatic controls, policies, and workflows.
Own vendor, tooling, and budget strategy for the Corporate Security estate, using metrics to improve resilience, team member experience, and risk reduction over time.

Requirements

Significant senior leadership experience leading corporate security, enterprise IT, IAM, endpoint security, or adjacent internal platform organizations at scale.
Strong command of workforce identity and access concepts, including SSO, SAML, OAuth, lifecycle automation, RBAC and ABAC, administrative access controls, and governance for privileged and non-human identities.
Deep understanding of modern endpoint and device security, ideally in a macOS-heavy environment, including MDM or endpoint management, hardening, software distribution, and fleet-level operational rollout strategy.
A track record of replacing manual or click-ops processes with automation, GitOps, infrastructure-as-code, and auditable engineering workflows.
Experience balancing service operations and engineering investment, with credibility in both helpdesk and internal platform environments.
Experience operating in regulated or audit-heavy environments and partnering with compliance stakeholders on durable, evidence-ready controls.
Excellent written and verbal communication skills, strong executive judgment, and the ability to lead effectively in an all-remote, asynchronous company.
A pragmatic, business-enabling leadership style that raises the security bar while reducing friction for team members and internal customers.

About the team

The Corporate Security organization provides technology, support, and internal security capabilities across access, endpoints, SaaS platforms, and core workforce systems, and supports day-to-day team member productivity through end-user services and helpdesk operations. Identity Engineering leads technical strategy and automation behind IAM, RBAC, and administrative access controls for internal systems, cloud infrastructure, and tech stack applications, including the Identity v3 program.

Compensation

United States base salary range: $297,600 - $360,000 USD (base salary range for residents of the United States only). This range does not include bonuses, equity, or benefits.

How GitLab Supports Full-Time Employees (selected)

Benefits to support your health, finances, and well-being
Flexible Paid Time Off
Team Member Resource Groups
Equity Compensation & Employee Stock Purchase Plan
Growth and Development Fund
Parental Leave

GitLab is an all-remote company and hires new team members in countries around the world. Candidates with varying levels of experience are encouraged to apply.