Security Manager, Application Security (APAC)

About the Role

GitLab operates in a dynamic environment where feature delivery, platform capabilities, and architectural technologies are rapidly evolving. The company is dedicated to increasing developer productivity, improving operational efficiency, and reducing security and compliance risk. As a key stakeholder in securing GitLab's products, the Application Security team plays a vital role in ensuring the security posture of the company's offerings.

The role involves working closely with various teams, including engineering and product development, to ensure that security is integrated into every aspect of the product lifecycle. The Security Manager will be responsible for surfacing material product security risks, driving operational excellence, and building capability across the team through coaching, mentoring, and career development.

What You Will Do

• Lead, develop, and mentor a team of Application Security Engineers focused on clearing roadblocks, career growth, and development.
• Own the team's operational cadence end to end, including triage rotations, Application Security review queues, and milestone planning.
• Drive tactical execution of the Application Security program, scaling the team for non-linear security gains, enhancing security reviews, and providing secure design consultations for high-risk changes.
• Lead AI adoption within the Application Security team, leveraging AI-assisted/automated workflows for review triage, threat model generation, code analysis, and operational toil reduction.
• Champion practical AI use without losing critical thinking rigor, ensuring that the team effectively balances automation with human expertise.
• Recommend and drive security-related technical and process improvements, staying up to date with the latest security threats and technologies.
• Author and execute project plans for security initiatives, setting schedules, and allocating resources as necessary.
• Collaborate with cross-functional teams to ensure that security is integrated into product development and that security risks are adequately addressed.
• Develop and maintain metrics to measure the effectiveness of the Application Security program, identifying areas for improvement and implementing changes as needed.

What We Are Looking For

• Proven experience in application security, preferably in a leadership or management role, with a strong understanding of security threats, vulnerabilities, and risk management.
• Excellent leadership and mentoring skills, with the ability to develop and grow a team of security professionals.
• Strong technical skills, including proficiency in programming languages, operating systems, and security technologies.
• Experience with AI-assisted security tools and technologies, with the ability to integrate AI into security workflows.
• Excellent communication and collaboration skills, with the ability to work effectively with cross-functional teams.
• Strong problem-solving skills, with the ability to analyze complex security issues and develop effective solutions.
• Experience with security frameworks, compliance regulations, and industry standards.
• Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent experience.

Nice to Have

• Experience with cloud-based security solutions and technologies.
• Knowledge of DevSecOps practices and tools, with the ability to integrate security into the development lifecycle.
• Experience with security orchestration, automation, and response (SOAR) solutions.
• Certification in security management or a related field, such as CISSP, CISM, or CISA.
• Experience working in a fast-paced, dynamic environment, with the ability to adapt to changing priorities and technologies.

Benefits and Perks

• Competitive salary and benefits package, with opportunities for career growth and development.
• Flexible working hours and remote work options, with the ability to work from anywhere in the world.
• Access to cutting-edge security technologies and tools, with the opportunity to work with a talented team of security professionals.
• Comprehensive health insurance, including medical, dental, and vision coverage.
• Generous paid time off policy, including vacation days, sick leave, and holidays.
• Opportunities for professional development and training, including conferences, workshops, and online courses.
• Employee stock options, with the ability to own a part of the company and share in its success.
• Access to a wide range of employee perks and benefits, including fitness classes, mental health support, and social events.

• Ensure your resume and cover letter are tailored to the role, highlighting your experience in application security, leadership, and AI adoption.
• Prepare to discuss your approach to security management, including your experience with security frameworks, compliance regulations, and industry standards.
• Be ready to provide examples of your experience with AI-assisted security tools and technologies, and how you have integrated AI into security workflows.
• Research GitLab's products and services, and be prepared to discuss how you can contribute to the company's mission and values.
• Practice your communication and collaboration skills, as these are essential for success in this role.
• Consider creating a portfolio of your work, including examples of your security projects and initiatives, to showcase your skills and experience.