Principal Cybersecurity Incident Manager (USA)

GitLab · Remote (Remote, US)
Cybersecurity
Adjust, Excel

WFA Digital Insight

The demand for cybersecurity professionals has surged, with a 25% increase in job postings over the past year. As companies shift to remote work, the need for robust security measures has become paramount. GitLab, a pioneer in DevSecOps, is seeking a Principal Cybersecurity Incident Manager to lead their incident response efforts. With the rise of complex security threats, this role requires a unique blend of technical expertise and crisis management skills. Candidates should be well-versed in the latest security trends and have experience in managing high-pressure situations. Before applying, it's essential to understand the evolving landscape of cybersecurity and the importance of AI-driven solutions.

Job Description

About the Role

The Principal Cybersecurity Incident Manager plays a critical role in leading and coordinating security incident response efforts across GitLab's platforms, including GitLab.com, GitLab Dedicated, and corporate environments. This position serves as the primary authority during high-impact security events, orchestrating cross-functional teams and driving continuous improvement in incident response capabilities. As a founding member of the incident command function, the successful candidate will build upon and mature this role.

The security landscape is becoming increasingly complex, with new threats emerging every day. As a result, the need for effective incident response has never been more critical. This role requires a deep understanding of security principles, threat analysis, and crisis management.

GitLab's Security Operations Department is committed to providing a robust and responsive security posture. The Principal Cybersecurity Incident Manager will work closely with the Security Incident Response Team (SIRT) to develop and implement incident response playbooks, runbooks, and standard operating procedures.

What You Will Do

  • Serve as the primary Incident Commander for critical and complex security events across GitLab's platforms
  • Provide decisive leadership during high-stress situations, ensuring effective communication and collaboration among teams
  • Orchestrate response efforts across Security Operations, Infrastructure, Legal, Engineering, Product, and executive stakeholders
  • Lead technical calls and establish effective async collaboration during incidents, managing participant contributions and ensuring progress toward resolution
  • Conduct comprehensive post-incident reviews and retrospectives, driving the creation of action items, process improvements, and systemic enhancements
  • Design, maintain, and continuously improve incident response playbooks, runbooks, and standard operating procedures
  • Build and refine incident command frameworks, communication protocols, and escalation procedures
  • Develop and deliver incident command training programs, mentoring incident commanders and other team members
  • Collaborate with SIRT engineers to develop and implement incident response strategies
  • Stay up to date with the latest security trends, threats, and technologies, applying this knowledge to improve incident response capabilities

What We Are Looking For

  • 8+ years of experience in security incident response, with a focus on leadership and management
  • Strong understanding of security principles, threat analysis, and crisis management
  • Experience with incident response frameworks, such as NIST or ISO 27001
  • Knowledge of cloud security platforms, including AWS, Azure, or Google Cloud
  • Familiarity with DevSecOps tools and practices
  • Excellent communication and collaboration skills, with the ability to work effectively in high-pressure situations
  • Strong technical skills, including proficiency in Adjust and Excel
  • Experience with AI-driven security solutions and tools
  • Certification in security incident response, such as CISSP or CISM

Nice to Have

  • Experience with security orchestration, automation, and response (SOAR) tools
  • Knowledge of programming languages, such as Python or Ruby
  • Familiarity with agile development methodologies and version control systems, such as Git
  • Experience with cloud-based security platforms and tools

Benefits and Perks

  • Competitive salary and benefits package
  • Opportunity to work with a leading DevSecOps platform
  • Collaborative and dynamic work environment
  • Professional development and growth opportunities
  • Flexible working hours and remote work options
  • Access to the latest security tools and technologies
  • Comprehensive health and wellness programs
  • Generous paid time off and holiday package

How to Stand Out

  • Develop a strong understanding of security incident response frameworks and practices, such as NIST or ISO 27001.
  • Showcase your technical skills, including proficiency in Adjust and Excel, and experience with AI-driven security solutions.
  • Prepare examples of your experience in managing high-pressure situations and leading cross-functional teams.
  • Highlight your knowledge of cloud security platforms, including AWS, Azure, or Google Cloud, and DevSecOps tools and practices.
  • Be prepared to discuss your experience with security orchestration, automation, and response (SOAR) tools and certification in security incident response, such as CISSP or CISM.
  • Research GitLab's values and culture to understand their approach to security and incident response, and be prepared to discuss how you can contribute to this effort.

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere.