Manager, Security Incident Response Team (SIRT), Hawaii, US

The Security Incident Response Team - SIRT is on the forefront of active security events that impact both GitLab.com and GitLab the company. Our vision is to detect security incidents before they happen and to respond promptly when they do happen. We ensure maximum operational uptime of mission critical infrastructure and informational assets in its daily operations. This mission is achieved by providing effective crisis response, timely distribution of security notifications, continuous monitoring of potential issues, postmortem of major incidents for training and environmental awareness. You will be leading a team of Security Engineers responsible for building and maintaining the tools we use to detect and respond to emerging threats in efficient and scalable ways, respond to security incidents and drive them to resolution, and develop and deploy preventative security measures for the GitLab organization and GitLab.com.

Responsibilities

• Hire a world class team of security engineers to work on their team
• Help their team grow their skills and experience
• Provide input on security architecture, issues, and features
• Hold regular 1:1's with all members of their team
• Create a sense of psychological safety on their team
• Be your team's role model in terms of positive thinking, de-escalating conflict, and taking time off
• Identify the need to, and drive the implementation of security-related technical and process improvements
• Author project plans for security initiatives
• Draft and successfully deliver on quarterly OKRs
• Train team members to screen candidates and conduct engineering interviews
• Build a substantial, collaborative partnership with Legal, Infrastructure, Development and Product departments
• Assume the role of an Incident Manager during larger security events

Requirements

• Proven track record as an experienced member of Security Operations or Incident Response teams - either as an Individual Contributor or as a Manager
• Hands-on experience with Security Information and Event Management (SIEM) tools
• Experience with leading Security or security-focused Site Reliability teams
• Excellent written and verbal communication skills, especially experience with executive-level communications
• Capability to make concrete progress in the face of ambiguity and imperfect knowledge
• Being comfortable with often not being in control of their time (because security events don't care about anyone's plans)
• Willingness to be part of the Security Manager On-Call rotation
• Robust understanding of security issues, mitigations, and a solid grasp of the current global threat landscape
• Experience with the role of an incident manager during medium and large scale security events
• First hand experience with major cloud providers - GCP, AWS, Azure, Digital Ocean
• Alignment with Manager responsibilities as outlined in Leadership at GitLab