Director Corporate Security Incident Response Team (CSIRT)
Remote - US / Canada
We are looking for an exceptional Corporate Security Incident Response Team Director with extensive hands-on leadership experience. This role will be responsible for managing teams that ensure GitHub Corporate Infrastructure is secure, responding to incidents, and identifying threats to GitHub. You will report to the VP of Security Operations and lead teams of talented Security Engineers and responders.
Here are a few things the team does:
- Threat Detection - Our team detects and analyzes threats against Hubbers, Hubber Devices, and GitHub Infrastructure. We hunt for malicious activity and build tools to aid in our efforts.
- Incident Response - We respond to corporate security incidents of all kinds, develop playbooks and processes to streamline compliance, and work with Hubbers and leadership across the company to mitigate security issues.
- Threat Intelligence - Our team partners with industry peers to develop, share, and respond to intelligence that may pose a threat to GitHub or our customers.
- Consulting - We collaborate with engineers throughout GitHub to design solutions to security obstacles that pragmatically balance security, usability, and performance.
As our Director of CSIRT, you will work alongside other members of the GitHub Security and Engineering organizations, including Product Security Engineering, GRC, and Platform Health, to drive cross-functional initiatives. You will work with your managers and ICs to mature detection and response processes according to company growth and industry best practices. You will build and nurture relationships among your peers in Security Operations, identifying and growing partnership opportunities, joint activities, and collaborative wins. A successful applicant will have a proven track record of building internal and external partnerships and creating healthy and inclusive team environments, and a desire to continue to grow as a leader and team member.
- Cultivate an environment across the organization where team members are empowered and have a strong sense of ownership and belonging.
- Provide technical leadership to grow the team through candid, ongoing feedback, mentoring, and career development.
- Lead successful projects, ensuring high quality and timely delivery of features.
- Hire, coach, and grow a diverse set of managers and engineers with differing perspectives, ideas, and experiences.
- Build partnerships throughout the company, with our parent company Microsoft, and across industry peers to share knowledge and best practices.
- Drive clarity with the team, fostering clear communication, understanding, and process improvements.
- Lead roadmap development and workforce planning and manage your group’s budgets, vendors, and consultants.
- Build the processes, tools, playbooks, controls, and analytic capabilities to detect and respond to threats across a large-scale web/cloud infrastructure.
- Encourage forward momentum and outcomes embodying a ship-to-learn mentality.
- Practice and lead with kindness - our team is often engaged when something has gone wrong or a teammate needs help. Treating each other with empathy and respect is foundational to building trust and creating positive relationships.
- 10+ years experience in information security, operations, engineering, and/or IT.
- 5+ years experience managing individual contributors with experience managing other managers.
- Experience leading one or more of: threat detection lifecycle, incident response, corporate security, security engineering, and threat intelligence resources.
- Track record of working with complex and high impact services at scale and/or distributed systems.
- The ability to take a pragmatic, risk-based approach to decision making while applying practical security principles and practices.
- Experience with hiring and building a team.
- Experience with escalation management, escalation support and incident handling.
- Strong written and verbal communication skills.
- A strong sense of empathy, the ability to successfully advocate for your team, and the ability to create a psychologically safe team environment.
- Experience customizing team processes for maximum productivity and minimal burnout.
- Experience working as a remote employee, managing distributed teams and working asynchronously.
- Experience with software development and systems engineering life cycles, including design, development, testing, release, and maintenance.
- Experience collaborating with legal, privacy, communications, and law enforcement professionals.
- Experience using GitHub.com, and comfort using core features such as Issues and Pull Requests.
- Experience working with git, GitHub, and Microsoft Azure.
The ability to meet GitHub, customer, and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Cloud Screen of Microsoft, GitHub’s parent company, upon hire/transfer and every two years thereafter.
Who We Are:
GitHub is the developer company. We make it easier for developers to be developers: to work together, to solve challenging problems, and to create the world’s most important technologies. We foster a collaborative community that can come together—as individuals and in teams—to create the future of software and make a difference in the world.
Customer Obsessed - Trust by Default - Ship to Learn - Own the Outcome - Growth Mindset - Global Product, Global Team - Anything is Possible - Practice Kindness
Why You Should Join:
At GitHub, we constantly strive to create an environment that allows our employees (Hubbers) to do the best work of their lives. We've designed one of the coolest workspaces in San Francisco (HQ), where many Hubbers work, snack, and create daily. The rest of our Hubbers work remotely around the globe. Check out an updated list of where we can hire here: https://github.com/about/careers/remote
We are also committed to keeping Hubbers healthy, motivated, focused and creative. We've designed our top-notch benefits program with these goals in mind. In a nutshell, we've built a place where we truly love working, and we think you will too.
GitHub is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people of all walks of life. We don't discriminate against employees or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or any other differences. Also, if you have a disability, please let us know if there's any way we can make the interview process better for you; we're happy to accommodate!
Please note that benefits vary by country. If you have any questions, please don't hesitate to ask your Talent Partner.