Senior Security Engineer, Red Team
Remote
GitLab
From planning to production, bring teams together in one application. Ship secure code more efficiently to deliver value faster. The GitLab DevSecOps platform empowers 100,000+ organizations to deliver software faster and more efficiently. We are one of the world’s largest all-remote companies with 2,000+ team members and values that foster a culture where people embrace the belief that everyone can contribute. Learn more about Life at GitLab.
An overview of this role
We are looking for a senior-level Red Team engineer, meaning someone who has 2+ years of experience conducting adversary emulation exercises either as an internal Red Team operator or as a consultant. If you’re a penetration tester who also does Red Team engagements, that’s great too! This role is focused on the latter, so it’s important that you understand the difference and can demonstrate experience with both.
You will be writing very detailed reports, creating videos, and communicating complex topics to folks across the organization with various levels of security knowledge. As a senior member of our team, you’ll also spend time teaching and mentoring other engineers.
GitLab’s environment is very different to traditional organizations, and attacking it takes creativity. There are no wireless corporate networks to sniff, there is no Active Directory to roast, and you won’t find a single hash being passed. To be successful on our Red Team, you must be able to adapt traditional attack techniques to an all-remote, all-cloud, and SaaS-based environment.
Our Red Team operations are planned in-depth, and typically span three months each. This means you will have the time to dig deep into developing and executing realistic attack techniques. As our organization grows and matures, so does our Red Team! You will have an opportunity to shape our roadmap and help us become better attackers.
Outside of these planned operations, we also make room for what we call “open-scope” work. This gives you the opportunity to get creative, pursuing your own interests and ideas while helping to identify and reduce risk. We are possibly the most transparent Red Team in the world, and you will be encouraged to write blogs based on your research, contribute to our public handbook, and publish open-source tools and exploits.
The recommendations we provide internally are taken very seriously, and our work has a direct impact on the organization and the product. We have a great relationship with our friends on the Blue Team, and you’ll be able to collaborate with folks from all over the organization to help make things more secure.
What you’ll do
- Maintain a deep understanding of GitLab’s product offerings, how they work, and how they could be attacked or abused
- Propose, plan, lead, and execute Red Team operations based on realistic threats to the organization
- Automate attack techniques, creating custom tooling for specific operations and contributing to general-purpose open source tools
- Deploy and manage attack infrastructure for stealth operations
- Write detailed reports covering the goals and outcomes of Red Team operations, including significant observations and recommendations
- Collaborate with GitLab’s Security Incident Response Team (SIRT) to improve detection and response capabilities
- Collaborate with GitLab’s Infrastructure Security Team to propose defensive improvements to cloud environments
- Collaborate across multiple product teams to propose enhancements and additions to GitLab’s SaaS and self-hosted offerings
- Collaborate with non-technical teams to propose process and policy enhancements and additions
- Stay informed on current security trends, advisories, publications, and academic research that is relevant to our organization
- Publish blogs and submit talks to security conferences
- Create and deliver short video summaries of completed Red Team operations
What you’ll bring
- Ability to use GitLab
- Two or more years of experience conducting adversary-emulation exercises
- Deep knowledge of the MITRE ATT&CK framework
- Experience deploying, managing, and operating a Command & Control (C2) framework
- Ability to automate tasks by writing scripts/programs - we often use Python and Go
- Ability to read and understand multiple programming languages, especially Ruby and Go
- Expert-level command-line experience with Linux-based operating systems
- Experience exploiting vulnerabilities in at least two of the following areas:
  - Web applications
  - Cloud environments (GCP / AWS)
  - Linux and/or MacOS workstations
  - CI/CD, or software supply chain
- Hands-on experience with at least one of the major cloud providers (GCP, AWS, Azure)
- An adversarial mindset - you must be able to put yourself in the mind of the attacker
- Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner
About the team
GitLab’s Red Team conducts security exercises that emulate real-world threats. We do this to help assess and improve the effectiveness of the people, processes, and technologies used to keep our organization secure. You can read more about our team in the handbook.
You will be the third engineer on the team, reporting to a manager in Australia. Your teammates will be based in the US and Europe. This geographic distribution means we do a lot of work asynchronously, so you should feel comfortable working independently and maintaining detailed documentation of your work.
How GitLab will support you
- Benefits to support your health, finances, and well-being
- All remote, asynchronous work environment
- Flexible Paid Time Off
- Team Member Resource Groups
- Equity Compensation & Employee Stock Purchase Plan
- Growth and development budget
- Parental leave
- Home office support
Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role but don't strictly meet all of the requirements then please apply, letting us know why you're interested and allow our recruiters to assess your application.
Country Hiring Guidelines: GitLab hires new team members in countries around the world. All of our roles are remote; however, some roles may carry specific location-based eligibility requirements. Our Talent Acquisition team can help answer any questions about location after starting the recruiting process.
Privacy Policy: Please review our Recruitment Privacy Policy. Your privacy is important to us.
GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during the recruiting process.