Manager, Security Incident Response Team

This is a fully remote position, open to applicants in United States.

📋 Description

• Oversee the daily operations of the team by setting clear objectives, performance standards, and accountability for direct reports; track progress and ensure the timely delivery of high-quality results.

• Cultivate and mentor incident responders by providing honest, real-time feedback; guide career advancement; and promote a culture of investigative excellence, focusing on thoroughness and precision in analysis.

• Actively identify and address talent shortages by participating in hiring processes, concentrating on candidates who will enhance GitLab's values and elevate the technical standards of the team.

• Foster engagement and retention by acknowledging team members' contributions, addressing engagement risks proactively, and creating an atmosphere of open feedback and psychological safety.

• Communicate organizational context by translating division and company-wide strategies into clear, actionable priorities for the team; ensure timely communication with team members.

• Develop and enhance incident response processes by building and refining runbooks, procedures, and team capabilities that translate strategic plans into tactical execution.

• Lead incident response efforts by acting as an escalation point and incident commander for high-severity incidents, including occasional nights and weekends; set the standard for high-quality investigations.

• Facilitate cross-functional collaboration by effectively coordinating with peer SecOps teams, Legal, Customer Support, and Infrastructure to address incidents and close defense gaps through actionable retrospective mitigations.

• Align the team on defensive enhancements by leveraging insights from alerts, investigations, and incidents to strengthen GitLab's security posture and support a "shift left" approach.

• Advocate for remote-first practices by consistently modeling and guiding team members on GitLab's best practices for remote work, asynchronous communication, and a handbook-first culture.

⛳️ Requirements

• Demonstrated experience in people management - a proven history of managing and developing a team of security engineers, establishing performance expectations, providing coaching, and ensuring accountability for outcomes.

• Leadership in incident response - evidenced experience in leading intricate incident response operations, including large-scale incident coordination and managing the complete lifecycle from triage to retrospective.

• Practical technical expertise - experience conducting security investigations and log analysis using SIEM tools (e.g., Splunk, Elastic); working knowledge of GCP and/or AWS, including cloud forensics.

• Customer-facing credibility - comfortable representing GitLab Security during customer escalations and in high-profile cybersecurity discussions.

• Proactive hunting and threat intelligence skills - adept in threat hunting based on intelligence, and familiar with supply chain threats that target SaaS platforms.

• AI and automation orientation - experience leveraging AI/LLMs to enhance incident response workflows and automate repetitive tasks.

• Familiarity with platforms - experience utilizing GitLab (or a similar DevSecOps platform) for project management; additional experience responding to threats against a SaaS platform is a plus.

• Capability to prioritize under pressure - ability to make informed operational decisions swiftly, escalate issues effectively, and guide the team in balancing urgency with importance.

• Due to government regulations, applicants must be United States Citizens (defined as individuals who are citizens of the United States by law, birth, or naturalization) to qualify for this position.

🏝️ Benefits

• Comprehensive benefits to support your health, financial well-being, and overall wellness.

• Flexible Paid Time Off.

• Access to Team Member Resource Groups.

• Equity Compensation & Employee Stock Purchase Plan.

• Growth and Development Fund.

• Parental Leave.