About the job

GitLab's DevOps platform empowers 100,000+ organizations to deliver software faster and more efficiently. We are one of the world’s largest all-remote companies with 1,400+ team members and values that guide a culture where people embrace the belief that everyone can contribute .

This position reports to the VP of Security.

Job Grade

The Director, Security Operations is a grade 10 .

Responsibilities

• Secure our product, services (GitLab.com, package servers, other infrastructure), and company (laptops, email)
• Define and plan priorities for security related activities based on that risk analysis
• Determine appropriate combination of internal security efforts and external security efforts including bug bounty programs, external security audits (penetration testing, black box, white box testing)
• Analyze and advise on new security technologies
• Build and manage a team, which currently consists of Security Managers , Security Engineers , and Security Analysts
• Identify and fill positions
• Grow skills in team leads and team members, for example by creating training and testing materials
• Deliver input on promotions, function changes, demotions, and terminations
• Ensure our engineers and contributors from the wider community run a secure software development lifecycle for GitLab by training them in best practices and creating automated tools
• Involve in major security and service abuse events
• Ensure we're compliant with our legal and contractual security obligations
• Evangelise GitLab Security and Values to staff, customers and prospects

Requirements

• Significant application and SaaS security experience in production-level settings
• This position does not require extensive development experience but the candidate should be very familiar with common security libraries, security controls, and common security flaws that apply to Ruby on Rails applications
• Experience managing teams of engineers, and leading managers
• Experience with incident management