GitLab

Principal Field Security Engineer

full-time

Location Type: Remote

Location: Remote • 🇺🇸 United States

Salary

💰 $200,000 - $280,000 per year

Job Level

Lead

Tech Stack

Cloud

About the role

  • Serve as the primary security point of contact for enterprise customer questions, requests, and concerns
  • Join customer and prospect meetings to provide expert guidance on GitLab’s security practices and controls in order to address security, privacy, and compliance requirements
  • Build and maintain templates, playbooks, fallback positions, and training that simplify and accelerate negotiations.
  • Facilitate customer assurance activities through our Customer Assurance Activities Service Desk
  • Provide escalation support for complex security questionnaires, RFPs, and risk assessments
  • Perform comprehensive contract reviews for both customer agreements and vendor relationships
  • Analyze security and compliance clauses in legal documents
  • Provide risk-based recommendations and remediation guidance for contractual security requirements
  • Partner with Legal, Sales, Product, and Procurement teams to negotiate security-related contract terms. Manage escalations, collaborate across other teams, and develop solutions to enable team and business partners to close deals.
  • Document and track contract-related security obligations
  • Act as a trusted technical thought leader, developing internal and external security content such as blog posts, whitepapers, technical standards, and field sales enablement training materials.
  • Keep abreast of the rapidly evolving regulatory landscape affecting our agreements. Identify, track, and facilitate solutions for security-related customer trends and improvement areas
  • Build and strengthen GitLab's security brand within the industry
  • Maintain and enhance GitLab's Trust Center and self-service security resources
  • Provide strategic recommendations based on customer security concerns in support of revenue growth
  • Participate in Quarterly Business Reviews to inform product and security roadmap decisions
  • Mentor and provide guidance to Security Assurance team members
  • Drive continuous improvement of Field Security processes and documentation
  • Design and implement solutions to enable Sales-facing teams to successfully discuss security problems and topics with customers

Requirements

  • 10+ years of experience in information security, with at least 5 years in customer-facing security roles
  • Deep expertise in security frameworks and standards such as SOC 2, ISO 27001, FedRAMP, GDPR, and NIST
  • Proven track record of contract negotiation and security/privacy agreement reviews
  • Exceptional written and verbal communication skills with the ability to translate complex technical concepts for diverse audiences
  • Experience creating security content (blogs, whitepapers, presentations). Experience speaking at conferences is a plus.
  • Strong understanding of cloud security, SaaS security models, and DevSecOps practices
  • Experience working cross-functionally with Sales, Legal, Product, and Engineering teams
  • Ability to balance security risk with business objectives

Benefits

  • Benefits to support your health, finances, and well-being
  • Flexible Paid Time Off
  • Team Member Resource Groups
  • Equity Compensation & Employee Stock Purchase Plan
  • Growth and Development Fund
  • Parental leave
  • Home office support

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
information security, security frameworks, SOC 2, ISO 27001, FedRAMP, GDPR, NIST, cloud security, SaaS security, DevSecOps
Soft skills
written communication, verbal communication, contract negotiation, mentoring, cross-functional collaboration, risk assessment, strategic recommendations, customer engagement, problem-solving, technical thought leadership