This position is remote based.
GitLab is building a research team that will focus on improving GitLab’s security detection capabilities, including SAST/DAST and future products. For more information about our security products, please review: https://about.gitlab.com/direction/secure/ and https://about.gitlab.com/direction/defend/
This team will work directly with the GitLab Security, Development, and Product teams to build, tune and improve the efficacy of GitLab’s stand-alone detection products.
Managers in the Security Department at GitLab see the team as their product. While they are technically credible and know the details of what vulnerability research engineers work on, their time is spent hiring a world-class team and putting them in the best position to succeed. They own the delivery of security commitments and are always looking to improve productivity. They must also coordinate across departments to accomplish collaborative goals.
As a member of the security team at GitLab, you will be working towards raising the bar on security. We will achieve that by working and collaborating with cross-functional teams to provide guidance on security best practices.
The Security Team is responsible for leading and implementing the various initiatives that relate to improving GitLab's security.
- Hire a world class team of vulnerability research engineers to work on their team
- Help vulnerability research engineers grow their skills and experience
- Provide input on vulnerabilities, issues, and security features
- Hold regular 1:1's with all members their team
- Create a sense of psychological safety on your team
- Recommend security-related technical and process improvements
- Author project plans for security initiatives
- Draft quarterly OKRs
- Train engineers to screen candidates and conduct managerial interviews
- Strong sense of ownership, urgency, and drive
- Excellent written and verbal communication skills, especially experience with executive-level communications
- Ability to make concrete progress in the face of ambiguity and imperfect knowledge
- You have a passion for security and open source
- You are a team player, and enjoy collaborating with cross-functional teams
- You are a great communicator
- You employ a flexible and constructive approach when solving problems
- You share our values, and work in accordance with those values