Senior Security Incident Response Team Engineer
GitLabGitLab's DevOps platform is a single application for unparalleled collaboration, visibility, and development velocity. Learn more here!
The GitLab DevOps platform empowers 100,000+ organizations to deliver software faster and more efficiently. We are one of the world’s largest all-remote companies with 1,600+ team members and values that guide a culture where people embrace the belief that everyone can contribute.
As members of GitLab's Security Operations sub department, the Security Incident Response Team detects, manages, and remediates security incidents across GitLab. Members of the Security Incident Response Team (SIRT) are the fire fighters of the GitLab Security department. SIRT works to create and maintain a safe and secure operating environment for the organization and its customers and responds to active security incidents. As a Security Engineer on SIRT you will build and maintain the tools we use to detect and respond to emerging threats in efficient and scalable ways, respond to security incidents and drive them to resolution, and develop and deploy preventative security measures for the GitLab organization and GitLab.com. Successful Security Engineers thrive in high-stress environments and can think like both an attacker and defender, engage with and mentor more junior Security Engineers, and can help come up with proactive and preventative security measures to keep GitLab and its user’s data safe in an ever changing threat landscape.
Senior Security Incident Response Team Engineer
This position reports to the Manager, Security Incident Response Team.
The Senior Security Incident Response Team Engineer is a grade 7.
- Extends Security Incident Response Engineer responsibilities, plus;
- Detect and independently respond to security incidents across the organization or GitLab.com
- Conduct proactive threat hunting based on threat intel
- Perform forensic analysis of infected hosts independently
- Analyze network traffic and identify attacker activity
- Mentor other members of the Security Incident Response Team
- Build and maintain scalable log ingestion and analytics platforms and tooling
- Perform root cause analysis (RCA) and incident reviews
- 5+ years of demonstrated experience in web or cloud security engineering, log aggregation, and/or penetration testing
- A minimum of 2 years experience working with incident response
- Excellent written and verbal communication skills
- Capability to build working relationships with key stakeholders
- Experience with operating system internals and hardening, web application and browser security, and monitoring and intrusion detection
Candidates for this position can expect the hiring process to follow the order below. Please keep in mind that candidates can be declined from the position at any stage of the process.
- Qualified candidates will be invited to schedule a 30 minute screening call with one of our Global Recruiters.
- Next, candidates will be invited to schedule an interview with Security Incident Response Team Manager
- Candidates will then be invited to schedule an interview with 2 SIRT peers, one of which will be a Senior
- Candidates will then be invited to schedule an interview with Director of Security Operations
- Successful candidates will subsequently be made an offer via email
To view the full job description and its compensation calculator, view our handbook. The compensation calculator can be found towards the bottom of the page.
Additional details about our process can be found on our hiring page.For Colorado residents: The base salary range for this role’s listed level is currently $123,300-$226,400 for Colorado residents only. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, and alignment with market data. See more information on our benefits and equity. Sales roles are also eligible for incentive pay targeted at up to 100% of the offered base salary. Disclosure as required by the Colorado Equal Pay for >Equal Work Act, C.R.S. § 8-5-101 et seq. Remote-Global
Country Hiring Guidelines: GitLab hires new team members in countries around the world. All of our roles are remote, however some roles may carry specific location-based eligibility requirements. Our Talent Acquisition team can help answer any questions about location after starting the recruiting process.
GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during the recruiting process.
Other jobs like this
Senior Azure Cloud Security EngineerAnsible Automation AWS Azure CircleCI DevOps Docker Encryption GCP Incident response +9
401(k) matching Career development Equity Flex hours Flex vacation +6
Staff Cloud Security Engineer (Remote- North America)Automation AWS Azure CEH CISA Cloudflare FedRAMP GCP ISO 27001 Kubernetes +2
Career development Competitive pay Flex hours Flex vacation Parental leave +3
Explore more Cyber Security career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cybersecurity in general, filtered by job title or popular skill, toolset and products used.
- Open Cyber Security Engineer jobs
- Open Staff Application Security Engineer jobs
- Open Penetration Tester jobs
- Open Senior DevSecOps Engineer jobs
- Open Application Security Engineer/Architect jobs
- Open Senior Security Operations Engineer jobs
- Open Cyber Threat Intelligence Analyst jobs
- Open Head of Information Security jobs
- Open Senior Information Security Engineer jobs
- Open Lead Security Engineer jobs
- Open Staff Security Engineer jobs
- Open SOC Analyst jobs
- Open Cyber Security Analyst jobs
- Open Information System Security Officer (ISSO) jobs
- Open Cybersecurity Engineer jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Senior Threat Intelligence Analyst jobs
- Open Cloud Security Automation Specialist jobs
- Open Offensive Security Engineer jobs
- Open Information Security Officer jobs
- Open Azure Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cloud Security Operations Lead jobs
- Open Cybersecurity Analyst jobs
- Open DevOps-related jobs
- Open Application security-related jobs
- Open Analytics-related jobs
- Open Audits-related jobs
- Open PCI-related jobs
- Open OWASP-related jobs
- Open Threat intelligence-related jobs
- Open Clearance-related jobs
- Open Security assessments-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open Splunk-related jobs
- Open Ruby-related jobs
- Open Encryption-related jobs
- Open CEH-related jobs
- Open CISM-related jobs
- Open GDPR-related jobs
- Open Agile-related jobs
- Open Threat detection-related jobs
- Open Open Source-related jobs
- Open OSCP-related jobs
- Open Intrusion detection-related jobs
- Open DevSecOps-related jobs
- Open Machine Learning-related jobs