
Principal Cybersecurity Incident Manager
GitLab
full-time
Location Type: Remote
Location: United States
Salary
💰 $168,000 - $270,000 per year
About the role
- Incident Command & Crisis Leadership: Serve as the primary Incident Commander for critical and complex security events across GitLab.com and corporate infrastructure, providing decisive leadership during high-stress situations
- Cross-Functional Coordination: Orchestrate response efforts across Security Operations, Infrastructure, Legal, Engineering, Product, and executive stakeholders, maintaining clear communication streams and unified action plans
- Technical Collaboration Leadership: Lead technical calls and/or establish effective async collaboration during incidents, managing participant contributions, keeping discussions focused, and ensuring efficient progress toward resolution
- Blameless Post-Incident Reviews: Conduct comprehensive post-incident reviews and retrospectives, driving the creation of action items, process improvements, and systemic enhancements
- Playbook Development: Design, maintain, and continuously improve incident response playbooks, runbooks, and standard operating procedures for various incident scenarios in conjunction with SIRT engineers
- Process Engineering: Build and refine incident command frameworks, communication protocols, and escalation procedures that scale across a global, all-remote organization
- Training & Mentorship: Develop and deliver incident command training programs, mentor incident commanders at various levels, and build organizational muscle memory for effective incident response
- Stakeholder Communication: Translate technical incident details into clear, actionable communications for executive leadership, customers, and internal stakeholders
- Automation & Tooling: Identify opportunities for automation in incident response workflows and collaborate with engineering teams to build tools that enhance incident management capabilities
- Threat Landscape Awareness: Maintain deep understanding of current threat actors, attack vectors, and security trends to inform incident response preparedness
Requirements
- 10+ years of experience in information security, with at least 5 years focused on incident response, security operations, or related disciplines
- Demonstrated experience serving as Incident Commander for critical security events in complex, distributed environments
- Command Presence: Proven ability to lead and coordinate teams during high-stress, high-impact incidents with clarity, authority, and calm decisiveness
- Strong knowledge of attacker tactics, techniques, and procedures (e.g., MITRE ATT&CK framework)
- Technical proficiency with cloud infrastructure (GCP, AWS), container orchestration (Kubernetes), and modern application architectures
- Experience with security information and event management (SIEM) platforms, log analysis, and security monitoring tools
- Excellent written and verbal communication skills, including the ability to communicate technical concepts to non-technical stakeholders and executive leadership
- Demonstrated ability to build relationships and coordinate effectively across security, engineering, legal, and business teams
- Ability to identify systemic issues from incident patterns and drive organizational improvements
- Share our values, and work in accordance with those values
- Nice to haves: Experience working with / in Site Reliability Engineering (SRE), DevOps, or Infrastructure Engineering; Experience with GitLab the product and familiarity with DevSecOps practices; Experience working in an all-remote or distributed team environment.
Benefits
- Benefits to support your health, finances, and well-being
- Flexible Paid Time Off
- Team Member Resource Groups
- Equity Compensation & Employee Stock Purchase Plan
- Growth and Development Fund
- Parental leave
- Home office support
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
incident response, security operations, cloud infrastructure, GCP, AWS, Kubernetes, SIEM platforms, log analysis, security monitoring tools, MITRE ATT&CK framework
Soft Skills
leadership, communication, coordination, mentorship, relationship building, decisiveness, problem-solving, training, clarity, calmness