Director Corporate Security Incident Response Team (CSIRT)

Remote - US / Canada

Full Time Executive-level / Director
GitHub logo
GitHub is where over 65 million developers shape the future of software, together. Contribute to the open source community, manage your Git repositories, review code like a pro, track bugs and features, power your CI/CD and DevOps workflows,...
Apply now Apply later

We are looking for an exceptional Corporate Security Incident Response Team Director with extensive hands-on leadership experience. This role will be responsible for managing teams that ensure GitHub Corporate Infrastructure is secure, responding to incidents, and identifying threats to GitHub. You will report to the VP of Security Operations and lead teams of talented Security Engineers and responders.

Here are a few things the team does:

  • Threat Detection - Our team detects and analyzes threats against Hubbers, Hubber Devices, and GitHub Infrastructure. We hunt for malicious activity and build tools to aid in our efforts.
  • Incident Response - We respond to corporate security incidents of all kinds, develop playbooks and processes to streamline compliance, and work with Hubbers and leadership across the company to mitigate security issues.
  • Threat Intelligence - Our team partners with industry peers to develop, share, and respond to intelligence that may pose a threat to GitHub or our customers.
  • Consulting - We collaborate with engineers throughout GitHub to design solutions to security obstacles that pragmatically balance between security, usability, and performance
    As our Director of CSIRT, you will work alongside other members of the GitHub Security and Engineering organizations including Product Security Engineering, GRC, and Platform Health to drive cross-functional initiatives. You will work with your managers and ICs to mature detection and response processes according to company growth and industry best practices. You will build and nurture relationships among your peers in Security Operations identifying and growing partnership opportunities, joint activities, and collaborative wins. A successful applicant will have a proven track record of building internal and external partnerships, creating healthy and inclusive team environments, and a desire to continue to grow as a leader and team member.


  • Cultivate an environment across the organization where team members are empowered and have a strong sense of ownership and belonging.
  • Provide technical leadership to grow the team through candid, ongoing feedback, mentoring, and career development.
  • Lead successful projects, ensuring high quality and timely delivery of features.
  • Hire, coach, and grow a diverse set of managers and engineers with differing perspectives, ideas, and experiences.
  • Build partnerships throughout the company, with our parent company Microsoft, and across industry peers to share knowledge and best practices.
  • Drive clarity with the team, fostering clear communication, understanding, and process improvements.
  • Lead roadmap development and workforce planning and manage your group’s budgets, vendors, and consultants.
  • Build the processes, tools, playbooks, controls, and analytic capabilities to detect and respond to threats across a large-scale web/cloud infrastructure.
  • Encourage forward momentum and outcomes embodying a ship-to-learn mentality.
  • Practice and lead with kindness - our team is often engaged when something has gone wrong or a teammate needs help. Treating each other with empathy and respect is foundational to building trust and creating positive relationships.

Minimum Qualifications:

  • 10+ years experience in information security, operations, engineering, and/or IT
  • 5+ years experience managing individual contributors with experience managing other managers
  • Experience leading one or more of: threat detection lifecycle, incident response, corporate security, security engineering, and threat intelligence resources
  • Track record of working with complex and high impact services at scale and/or distributed systems.
  • The ability to take a pragmatic, risk-based approach to decision making while applying practical security principles and practices
  • Experience with hiring and building a team.
  • Experience with escalation management, escalation support and incident handling.
  • Strong written and verbal communication skills.
  • A strong sense of empathy, the ability to successfully advocate for your team, and the ability to create a psychologically safe team environment.
  • Experience customizing team processes for maximum productivity and minimal burnout.

Preferred Qualifications

  • Experience working as a remote employee, managing distributed teams and working asynchronously.
  • Experience with software development and systems engineering life cycles including design, development, testing, and release, and maintenance.
  • Experience collaborating with legal, privacy, communications, and law enforcement professionals.
  • Experience using, and comfort using core features such as Issues and Pull Requests.
  • Experience working with git, GitHub, and Microsoft Azure

Ability to meet GitHub, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:  Microsoft Cloud Background Check: This position will be required to pass the Microsoft, GitHub’s parent company, Cloud Screen upon hire/transfer and every two years thereafter.

Who We Are:

GitHub is the developer company. We make it easier for developers to be developers: to work together, to solve challenging problems, and to create the world’s most important technologies. We foster a collaborative community that can come together—as individuals and in teams—to create the future of software and make a difference in the world.

Leadership Principles:

Customer Obsessed - Trust by Default - Ship to Learn - Own the Outcome - Growth Mindset - Global Product, Global Team - Anything is Possible - Practice Kindness

Why You Should Join:

At GitHub, we constantly strive to create an environment that allows our employees (Hubbers) to do the best work of their lives. We've designed one of the coolest workspaces in San Francisco (HQ), where many Hubbers work, snack, and create daily. The rest of our Hubbers work remotely around the globe. Check out an updated list of where we can hire here:

We are also committed to keeping Hubbers healthy, motivated, focused and creative. We've designed our top-notch benefits program with these goals in mind. In a nutshell, we've built a place where we truly love working, we think you will too.

GitHub is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people of all walks of life. We don't discriminate against employees or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or any other differences. Also, if you have a disability, please let us know if there's any way we can make the interview process better for you; we're happy to accommodate!

Please note that benefits vary by country. If you have any questions, please don't hesitate to ask your Talent Partner.


Job region(s): Remote/Anywhere North America
Job stats:  25  2  0
  • Share this job via
  • or

Explore more Information Security career opportunities