Senior Field Security Engineer (US Federal)
Remote - USA
This Senior Field Security Engineer position is 100% remote. We're looking for someone who is a US citizen with an ability to gain a US security clearance as you'll be working with our US Public Sector (federal) team and customers.
It’s an exciting time to join our team. We're one of the world’s largest all-remote companies, and we've been intentionally building our culture this way from the start. With more than 1,200 team members in 65+ countries, GitLab is a place where you can contribute from almost anywhere. We are an ambitious, productive team that embraces a set of shared values in everything we do.
As a Field Security Engineer in our Assurance sub department, you'll play a key role in the team that serves as the public representation of GitLab's internal Security function. The team is tasked with providing high levels of security assurance to internal and external customers through customer support, sales enablement and security evangelism programs. This position will support our US Public Sector (federal) team and customers.
The culture here at GitLab is something we’re incredibly proud of. Some of the benefits you’ll be entitled to vary by the region or country you’re in. However, all GitLab team members are fully remote and receive a "no ask, must tell" paid-time-off policy, where we don’t count the number of days you take off annually -- instead, we focus on your results. You can work the hours you choose, enabled by our asynchronous approach to communication.
You can also expect stock options and a competitive salary. Our compensation calculator will be shared with selected candidates before any interview.
Diversity, Inclusion, and Belonging (DIB) are fundamental to the success of GitLab. We want to infuse DIB in every way possible and in all that we do. We strive to create a transparent environment where all team members around the world feel that their voices are heard and welcomed. We also aim to be a place where people can show up as their full selves each day and contribute their best. With more than 100,000 organizations using GitLab, our goal is to have a team that is representative of our users.
- Professionally handle communications with internal and external stakeholders
- Maintain up-to-date knowledge of GitLab's product, environment, systems and architecture
- Educate internal and external stakeholders on GitLab’s Security practices through formal and informal training, handbook improvements, white papers, conference presentations and blog posts
- Gather and report on established metrics within the field security program
- Complete customer security assessments, questionnaires and sales enablement activities within pre defined SLA.
- Maintain the Customer Assurance Package and other self-service customer security resources
- Maintain GitLab's standard security response database
- Triage new or changing security requirements, US public sector requirements, security issues, and/or customer risks
- Maintain handbook pages, policies, standards, procedures and runbooks related to Field Security
- Identify opportunities for Field Security process automation
- Maintain Field Security automation tasks
- Create security and US public sector sales enablement educational materials and support security evangelism.
- Support Field Security internally facing presentations such as Sales Kick Off, Sales Quick Start and Customer Success Skills Exchange
- Proactively identify new or increased customer security concerns with management
- At least 5 years of experience conducting customer assurance activities
- Demonstrated experience with NIST 800-53 and at least two other security control frameworks such as: SOC 2, ISO, COSO, COBIT
- Demonstrated industry security experience, particularly in DevSecOps, Application Security and/or Cloud-Native Security
- Experience in a Saas company
- Experience with GitLab
- Experience with FedRAMP
Also, we know it’s tough, but please try to avoid the confidence gap. You don’t have to match all the listed requirements exactly to be considered for this role.
Country Hiring Guidelines
Please visit our Country Hiring Guidelines page to see where we can hire.
Explore more Information Security career opportunities
- Open Senior Infrastructure Security Engineer Jobs
- Open Threat Intelligence Response Analyst Jobs
- Open SOC Analyst Jobs
- Open Senior Penetration Tester Jobs
- Open Principal Security Engineer Jobs
- Open Information Security Architect Jobs
- Open IT Security Engineer Jobs
- Open Information Security Officer Jobs
- Open Staff Security Engineer Jobs
- Open Vulnerability Analyst Jobs
- Open Personnel Security Officer Jobs
- Open Infrastructure Security Engineer Jobs
- Open Chief Information Security Officer Jobs
- Open Senior Information Security Analyst Jobs
- Open IAM Engineer Jobs
- Open Software Security Engineer Jobs
- Open Senior Information Security Engineer Jobs
- Open Sr. Software Engineer - Detection Engineering Jobs
- Open Senior Incident Response Analyst Jobs
- Open DevOps Security Engineer Jobs
- Open Staff Engineer, Cloud Security Jobs
- Open Privacy Manager Jobs
- Open Threat Intelligence Analyst Jobs
- Open Manager, Cybersecurity and Trust Jobs
- Open Cybersecurity Analyst Jobs
- Open NIST-related jobs
- Open Clearance-related jobs
- Open PCI-related jobs
- Open CEH-related jobs
- Open Open Source-related jobs
- Open Forensics-related jobs
- Open IDS-related jobs
- Open Splunk-related jobs
- Open Machine Learning-related jobs
- Open Ruby-related jobs
- Open Intrusion detection-related jobs
- Open OSCP-related jobs
- Open Security assessments-related jobs
- Open IPS-related jobs
- Open Encryption-related jobs
- Open Threat detection-related jobs
- Open Docker-related jobs
- Open HIPAA-related jobs
- Open Cryptography-related jobs
- Open TCP/IP-related jobs
- Open DevSecOps-related jobs
- Open PowerShell-related jobs
- Open Unix-related jobs
- Open DNS-related jobs