Senior Director, Security Assurance

Sr. Director, Security Assurance

This position reports to the CISO.

Sr. Director, Security Assurance Job Grade

The Sr. Director, Security Assurance is a Grade 11.

Sr. Director, Security Assurance Responsibilities

• Recruit, manage, motivate and develop high performing governance, risk, compliance and field security teams
• Partner with the CISO, and other Security leadership, in planning and development of enterprise information security strategy and best practices aligned with broader GitLab business initiatives
• Provide vision and leadership for developing and supporting initiatives in the areas of security policy, external security audits, continuous control monitoring, customer assurance, risk assessments and security training
• Provide reporting to E-Group, and other key stakeholders, including the GitLab Board of Directors
• Design and communicate security assurance strategies and plans to executive team, team members, partners, customers, and stakeholders with a specific focus on expansion of the security certification portfolio
• Maintain and manage the security risk register and consult with senior leaders regarding their security risks and responsibilities in minimizing those risks
• Drive operational efficiencies through process improvement and implementation of technical solutions driving automation and dogfooding of the GitLab product
• Participate in key customer calls, contract reviews and/or security assessments providing leadership assurance on GitLab security
• Develop and provide key performance indicators, operational metrics and related reports

Sr. Director, Security Assurance Requirements

• Proven ability to successfully recruit, manage, motivate and develop high performing teams
• Superior understanding of the organization’s goals and objectives
• Ability to act as a champion for Security and convey cyber-security risks in layman terms
• Ability to build collaborative relationships with diverse stakeholders including executive team, management, privacy, engineering and external auditors
• Proficient experience with industry standard security and risk frameworks/standards/laws/regulations: SOX ITGCs, SOC, FedRAMP/NIST 800-53, NIST CSF, PCI, ISO27001, ISO 31000, etc.
• An effective communicator with the ability to escalate, coordinate, provide feedback, and ask for help
• Outstanding cross-functional partnership skills, with a confirmed ability to identify, initiate and lead efforts with both internal and external teams

Hiring Process

Details about our hiring process can be found on our hiring page.

Compensation

To view the full job description and its compensation calculator, view our handbook. The compensation calculator can be found towards the bottom of the page.