Intermediate Security Engineer @ GitLab
Your Application Journey
Email Hiring Manager
Job Details
Overview
GitLab is an open-core software company that develops the AI-powered DevSecOps Platform used by over 100,000 organizations. Its mission is to enable contributions from everyone, accelerating human progress by co-creating critical software. The Intermediate Security Engineer role on the Security Incident Response Team (SIRT) is fundamental in protecting GitLab.com and the company from security threats while working remotely.
Role & Responsibilities
- Work on a compressed four-day workweek with extended shifts.
- Detect and respond to security incidents during scheduled shifts.
- Utilize incident response automation tools for investigation and resolution.
- Create and maintain incident response documentation and runbooks.
- Conduct post-incident analysis and drive continuous security improvements.
- Collaborate across teams to develop and enhance security capabilities.
What You’ll Bring
- Ability to independently lead incident response processes.
- Experience with SIEM/security logging tools and cloud platforms (GCP/AWS).
- Proficiency in Python or willingness to learn programming skills.
- Passion for technical documentation and forensic analysis.
- Interest in cloud-based security investigations and proactive threat identification.
About the Team & Benefits
The Security Operations team is a globally distributed group covering AMER, APAC, and EMEA regions. GitLab supports a high-performance, remote work culture with asynchronous work, flexible time off, equity compensation, growth budgets, and home office support.
Key skills/competency
Security, Incident, Response, SIEM, Cloud, Python, Automation, Documentation, Forensics, Collaboration
How to Get Hired at GitLab
🎯 Tips for Getting Hired
- Research GitLab: Review GitLab's open core culture and security approach.
- Tailor your resume: Highlight SIEM, cloud, and Python skills.
- Showcase incident response cases: Detail real examples of incident handling.
- Prepare for technical interviews: Focus on security automation and cloud platforms.