Director Corporate Security Incident Response Team (CSIRT)
Remote - US / Canada
GitHub
GitHub is where over 100 million developers shape the future of software, together. Contribute to the open source community, manage your Git repositories, review code like a pro, track bugs and features, power your CI/CD and DevOps workflows,...
We are looking for an exceptional Corporate Security Incident Response Team Director with extensive hands-on leadership experience. This role will be responsible for managing teams that ensure GitHub Corporate Infrastructure is secure, responding to incidents, and identifying threats to GitHub. You will report to the VP of Security Operations and lead teams of talented Security Engineers and responders.
Here are a few things the team does:
- Threat Detection - Our team detects and analyzes threats against Hubbers, Hubber Devices, and GitHub Infrastructure. We hunt for malicious activity and build tools to aid in our efforts.
- Incident Response - We respond to corporate security incidents of all kinds, develop playbooks and processes to streamline compliance, and work with Hubbers and leadership across the company to mitigate security issues.
- Threat Intelligence - Our team partners with industry peers to develop, share, and respond to intelligence that may pose a threat to GitHub or our customers.
- Consulting - We collaborate with engineers throughout GitHub to design solutions to security obstacles that pragmatically balance security, usability, and performance.
As our Director of CSIRT, you will work alongside other members of the GitHub Security and Engineering organizations, including Product Security Engineering, GRC, and Platform Health, to drive cross-functional initiatives. You will work with your managers and ICs to mature detection and response processes according to company growth and industry best practices. You will build and nurture relationships among your peers in Security Operations, identifying and growing partnership opportunities, joint activities, and collaborative wins. A successful applicant will have a proven track record of building internal and external partnerships and creating healthy and inclusive team environments, and a desire to continue to grow as a leader and team member.
Responsibilities:
- Cultivate an environment across the organization where team members are empowered and have a strong sense of ownership and belonging.
- Provide technical leadership to grow the team through candid, ongoing feedback, mentoring, and career development.
- Lead successful projects, ensuring high quality and timely delivery of features.
- Hire, coach, and grow a diverse set of managers and engineers with differing perspectives, ideas, and experiences.
- Build partnerships throughout the company, with our parent company Microsoft, and across industry peers to share knowledge and best practices.
- Drive clarity with the team, fostering clear communication, understanding, and process improvements.
- Lead roadmap development and workforce planning and manage your group’s budgets, vendors, and consultants.
- Build the processes, tools, playbooks, controls, and analytic capabilities to detect and respond to threats across a large-scale web/cloud infrastructure.
- Encourage forward momentum and outcomes embodying a ship-to-learn mentality.
- Practice and lead with kindness - our team is often engaged when something has gone wrong or a teammate needs help. Treating each other with empathy and respect is foundational to building trust and creating positive relationships.
Minimum Qualifications:
- 10+ years experience in information security, operations, engineering, and/or IT
- 5+ years experience managing individual contributors with experience managing other managers
- Experience leading one or more of: threat detection lifecycle, incident response, corporate security, security engineering, and threat intelligence resources
- Track record of working with complex and high impact services at scale and/or distributed systems.
- The ability to take a pragmatic, risk-based approach to decision making while applying practical security principles and practices
- Experience with hiring and building a team.
- Experience with escalation management, escalation support and incident handling.
- Strong written and verbal communication skills.
- A strong sense of empathy, the ability to successfully advocate for your team, and the ability to create a psychologically safe team environment.
- Experience customizing team processes for maximum productivity and minimal burnout.
Preferred Qualifications:
- Experience working as a remote employee, managing distributed teams and working asynchronously.
- Experience with software development and systems engineering life cycles including design, development, testing, release, and maintenance.
- Experience collaborating with legal, privacy, communications, and law enforcement professionals.
- Experience using GitHub.com, and comfort using core features such as Issues and Pull Requests.
- Experience working with git, GitHub, and Microsoft Azure
Ability to meet GitHub, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Cloud Screen of Microsoft, GitHub’s parent company, upon hire/transfer and every two years thereafter.
Who We Are:
GitHub is the developer company. We make it easier for developers to be developers: to work together, to solve challenging problems, and to create the world’s most important technologies. We foster a collaborative community that can come together—as individuals and in teams—to create the future of software and make a difference in the world.
Leadership Principles:
Customer Obsessed - Trust by Default - Ship to Learn - Own the Outcome - Growth Mindset - Global Product, Global Team - Anything is Possible - Practice Kindness
Why You Should Join:
At GitHub, we constantly strive to create an environment that allows our employees (Hubbers) to do the best work of their lives. We've designed one of the coolest workspaces in San Francisco (HQ), where many Hubbers work, snack, and create daily. The rest of our Hubbers work remotely around the globe. Check out an updated list of where we can hire here: https://github.com/about/careers/remote
We are also committed to keeping Hubbers healthy, motivated, focused and creative. We've designed our top-notch benefits program with these goals in mind. In a nutshell, we've built a place where we truly love working, we think you will too.
GitHub is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people of all walks of life. We don't discriminate against employees or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or any other differences. Also, if you have a disability, please let us know if there's any way we can make the interview process better for you; we're happy to accommodate!
Please note that benefits vary by country. If you have any questions, please don't hesitate to ask your Talent Partner.