Manager, Infrastructure Security (USA)

About the Role

As part of the Product Security Department, this role will contribute to the Infrastructure Security team's vision and strategic roadmap, serving as a stable counterpart to other teams such as Public Sector SRE. The manager will provide professional guidance on infrastructure security and collaborate with other security teams to support cross-team security efforts and drive down risk across the organization.

Gitlab's commitment to innovation and customer satisfaction demands a robust security posture. The company's high-performance culture, driven by its values and continuous knowledge exchange, enables team members to reach their full potential. This role is an opportunity to be part of a team that is redefining how software is developed and securing the future of digital transformation.

What You Will Do

• Contribute to the Infrastructure Security team's vision and strategic roadmap, aligning with Gitlab's overall security strategy.
• Lead and develop a high-performing team, focusing on securing Gitlab's internal cloud infrastructure and GitLab Dedicated for Government.
• Serve as a stable counterpart to teams such as Public Sector SRE, providing infrastructure security guidance and partnership.
• Provide professional guidance and input on infrastructure security within and outside of your team, advocating for security best practices.
• Collaborate with other security teams to support cross-team security efforts, process improvements, and driving down risk across the organization.
• Build collaborative cross-functional partnerships with teams across Infrastructure Engineering, Engineering and Development, Product Management, and Legal.
• Manage an existing high-performing team, focusing on talent development and performance management.
• Develop and refine the Infrastructure Security vision and strategic roadmap in collaboration with Product Security Leadership.
• Leverage extensive infrastructure experience and conflict resolution skills to unblock decisions and drive progress.
• Participate in cross-functional initiatives to ensure security is built in from the foundation upward.

What We Are Looking For

• Proven experience in managing high-performing teams in infrastructure security or a related field.
• Strong understanding of cloud security principles and practices, particularly in securing cloud infrastructure.
• Experience with FedRAMP-authorized environments and compliance requirements.
• Excellent leadership and communication skills, with the ability to collaborate with cross-functional teams.
• Strong technical background in infrastructure security, with experience in designing and implementing secure infrastructure solutions.
• Experience with security frameworks and standards such as NIST, ISO 27001.
• Ability to develop and implement strategic roadmaps for infrastructure security.
• Experience in managing budgets and resources for security initiatives.
• Strong analytical and problem-solving skills, with the ability to analyze complex security issues and develop effective solutions.

Nice to Have

• Experience with DevSecOps practices and tools.
• Knowledge of AI and machine learning applications in security.
• Certification in cloud security or a related field, such as AWS Certified Security - Specialty or Google Cloud Certified - Professional Cloud Security Engineer.
• Experience with agile development methodologies and version control systems like Git.
• Familiarity with Gitlab's products and services, or similar platforms.

Benefits and Perks

• Competitive salary and benefits package.
• Opportunity to work with a high-performance team in a fast-paced and innovative environment.
• Flexible working hours and remote work arrangements.
• Professional development opportunities, including training and certification programs.
• Access to the latest technologies and tools in cloud security.
• Collaborative and dynamic work environment with a strong focus on teamwork and innovation.
• Recognition and reward programs for outstanding performance.
• Comprehensive health insurance and wellness programs.
• Generous PTO and holiday packages.

• Emphasize your experience in leading teams and managing infrastructure security projects, highlighting achievements in driving security innovation and improvement.
• Highlight your technical skills, particularly in cloud security and compliance, and be prepared to provide examples of how you've applied these skills in previous roles.
• Showcase your understanding of DevSecOps principles and how you've integrated security into development and operations workflows.
• Prepare to discuss your approach to talent development and performance management, and how you foster a culture of collaboration and innovation within your team.
• Be ready to explain how you stay current with the latest security trends and technologies, and how you apply this knowledge to drive strategic decisions in infrastructure security.
• Demonstrate your ability to communicate complex security concepts to both technical and non-technical stakeholders, and highlight any experience you have in presenting security strategies to executive teams.
• Research Gitlab's values and culture and be prepared to discuss how your own values and leadership style align with those of the company.