Manager - Threat & Vulnerability Management
GitLabOur DevOps platform is a single application for unparalleled collaboration, visibility, and development velocity.
GitLab's DevOps platform empowers 100,000+ organizations to deliver software faster and more efficiently. We are one of the world’s largest all-remote companies with 1,400+ team members and values that guide a culture where people embrace the belief that everyone can contribute.
As part of the Threat Management sub-department, the vulnerability management team is responsible for understanding our cloud footprint and any potential vulnerabilities. We will accomplish this mission by working closely with infrastructure security, infrastructure and other security department teams.
Team Roles and Responsibilities
- Own and execute on a cloud asset management strategy.
- Own and execute on a vulnerability management strategy across all GitLab cloud environments.
- Own and execute on a patch management strategy collaborating with other teams as necessary.
- Define a roadmap to continually assess and iterate security best practices for our cloud environments.
- Support IT, infrastructure and infrastructure security efforts where possible
- Ensure the protection of both GitLab and GitLab customer data
- Track new and emerging threats to our environments
Manager, Vulnerability Management Team
- This position reports to Director of Threat Management
- Initially this position will be “player/coach” and play a role in building their team.
- As with other manager roles in security department this is a grade 8
- Define and iterate a department strategy and direction that addresses the following:
- Multi-cloud asset management
- Multi-cloud vulnerability management
- Multi-cloud patch management
- Define team structure, technical needs and job descriptions.
- Career Development
- Project Management
- Team Retrospectives
- Development department metrics
- Collaborate across all GitLab departments as necessary to further team strategy and goal.
- Identify, document and track team quarterly goals (OKRs).
- Provide tactical oversight and direction to the team.
- Hold regular 1:1 and team meetings.
- Ensure project plans and other documentation is always complete.
- Present on or perform read outs on initiative results to key stakeholders.
- Provide input and support to other managers across the Security Department.
- Demonstrate GitLab values and lead by example.
- Understanding of Git, and GitLab.
- Proven track record in executing on a comprehensive vulnerability management program.
- Hands on experience with all major cloud providers.
- Hands on experience with asset management, vulnerability management and patch management methodologies and tools.
- Experience leading security teams.
- Experience with a SaaS company.
- Remote work experience.
- Robust sense of ownership, urgency, and drive
- Excellent written and verbal communication skills, especially experience with executive-level communications
- Capability to make sound decisions in the face of ambiguity and imperfect knowledge
- Share our values, and work in accordance with those values
- Alignment with Manager responsibilities as outlined in Leadership at GitLab
Candidates for the Vulnerability Management Team Manager can expect the hiring process to follow the order below. Please keep in mind that candidates can be declined from the position at any stage of the process. To learn more about someone who may be conducting the interview, find their job title on our team page.
- Qualified candidates will be invited to schedule a 30 minute screening call with one of our Global Recruiters.
- Next, candidates will be invited to schedule a 45-60 minute interview with the Director of Threat Management.
- Candidates will then be invited to schedule separate 45 minute interviews with three members of the Security Organization
- Candidates will then be invited to an 30 minute interview with the VP of Security
- Successful candidates will subsequently be made an offer via email
Additional details about our process can be found on our hiring page.
GitLab Inc. is a company based on the GitLab open-source project. GitLab is a community project to which over 2,200 people worldwide have contributed. We are an active participant in this community, trying to serve its needs and lead by example. We have one vision: everyone can contribute to all digital content, and our mission is to change all creative work from read-only to read-write so that everyone can contribute.
We value results, transparency, sharing, freedom, efficiency, self-learning, frugality, collaboration, directness, kindness, diversity, inclusion and belonging, boring solutions, and quirkiness. If these values match your personality, work ethic, and personal goals, we encourage you to visit our primer to learn more. Open source is our culture, our way of life, our story, and what makes us truly unique.
Top 10 Reasons to Work for GitLab:
- Mission: Everyone can contribute
- Results: Fast growth, ambitious vision
- Flexible Work Hours: Plan your day so you are there for other people & have time for personal interests
- Transparency: Over 2,000 webpages in GitLab handbook, GitLab Unfiltered YouTube channel
- Iteration: Empower people to be effective & have an impact, Merge Request rate, We dogfood our own product, Directly responsible individuals
- Diversity, Inclusion & Belonging: A focus on gender parity, Team Member Resource Groups, other initiatives
- Collaboration: Kindness, saying thanks, intentionally organize informal communication, no ego
- Total Rewards: Competitive market rates for compensation, Equity compensation, global benefits (inclusive of office equipment)
- Work/Life Harmony: Flexible workday, Friends and Family days
- Remote Done Right: One of the world's largest all-remote companies, prolific inventor of remote best practices
See our culture page for more!
Work remotely from anywhere in the world. Curious to see what that looks like? Check out our remote manifesto and guides.
To view the full job description and its compensation calculator, view our handbook. The compensation calculator can be found towards the bottom of the page.
Additional details about our process can be found on our hiring page.For Colorado residents: The base salary range for this role’s listed level is currently $170,000-$255,000 for Colorado residents only. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, and alignment with market data. See more information on our benefits and equity. Sales roles are also eligible for incentive pay targeted at up to 100% of the offered base salary. Disclosure as required by the Colorado Equal Pay for >Equal Work Act, C.R.S. § 8-5-101 et seq. Remote-Global
Country Hiring Guidelines: GitLab hires new team members in countries around the world. All of our roles are remote, however some roles may carry specific location-based eligibility requirements. Our Talent Acquisition team can help answer any questions about location after starting the recruiting process.
GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during the recruiting process.
Explore more Information Security career opportunities
- Open IT Security Engineer jobs
- Open Senior Information Security Engineer jobs
- Open Cyber Security Engineer jobs
- Open Senior Incident Response Analyst jobs
- Open Staff Security Engineer jobs
- Open Vulnerability Analyst jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Azure Security Engineer jobs
- Open Personnel Security Officer jobs
- Open Security Operations Engineer jobs
- Open Senior Infrastructure Security Engineer jobs
- Open Infrastructure Security Engineer jobs
- Open Cyber Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Senior Penetration Tester jobs
- Open Information Security Architect jobs
- Open Information Security Officer jobs
- Open Threat Intelligence Response Analyst jobs
- Open SOC Analyst jobs
- Open Sr. Product Security Engineer jobs
- Open Privacy Manager jobs
- Open Cybersecurity Engineer jobs
- Open Security Officer 3 jobs
- Open Cloud Security Operations Lead jobs
- Open DevOps-related jobs
- Open PCI-related jobs
- Open Threat intelligence-related jobs
- Open OWASP-related jobs
- Open Clearance-related jobs
- Open Machine Learning-related jobs
- Open IDS-related jobs
- Open Encryption-related jobs
- Open Open Source-related jobs
- Open CEH-related jobs
- Open Splunk-related jobs
- Open Forensics-related jobs
- Open Intrusion detection-related jobs
- Open Ruby-related jobs
- Open Security assessments-related jobs
- Open OSCP-related jobs
- Open Threat detection-related jobs
- Open Docker-related jobs
- Open GDPR-related jobs
- Open DevSecOps-related jobs
- Open HIPAA-related jobs
- Open IPS-related jobs
- Open Unix-related jobs
- Open TCP/IP-related jobs