Engineering Manager, Security Risk Management: Security Insights
GitLab
SDLC
Analyst
Powder River Industries
full-time
Posted on:
Location: District of Columbia, Florida • 🇺🇸 United States
Visit company websiteJob Level
Mid-LevelSenior
Tech Stack
SDLC
About the role
- Support the self-hosted implementation of GitLab Duo by assisting with requirements gathering, operationalization of AI governance, and documentation and training for over 300 supported application teams
- Implement the approved AI governance strategy for GitLab Duo
- Develop, document, and maintain best practices for secure and effective use of GitLab Duo and associated AI features
- Create a comprehensive integration guide for the development community with step-by-step instructions, security considerations, and troubleshooting tips
- Coordinate with engineering, security, and DevOps teams to ensure governance controls are properly integrated and communicated
- Prepare documentation for internal and external audits, including evidence of compliance with AI governance policies
- Monitor adoption and usage of GitLab Duo, gathering feedback to inform governance and best practice updates
- Provide training sessions and materials to program and project teams to support knowledge transfer and effective use of AI-powered tools
- Support the rollout of GitLab Duo to the larger development community, addressing questions and facilitating onboarding
- Measure AI-assisted impact across a wide variety of application teams and report results to engineering, security, and program teams
Requirements
- Secret clearance (or above)
- Experience with documentation development, training delivery, and process improvement
- Familiarity with GitLab workflows and AI assist tools (e.g., GitHub Copilot, Amazon CodeWhisperer)
- Knowledge of secure software development lifecycle (SDLC), DevSecOps practices, and Agile (Jira)
- Excellent communication, presentation, and stakeholder engagement skills
- Experience supporting AI governance or compliance initiatives in federal or DoD environments (preferred)
- Understanding of FedRAMP High security controls and compliance requirements (preferred)
- Experience developing user guides, training materials, or technical documentation (preferred)
- Strong analytical and problem-solving skills (preferred)
- A notification to prospective applicants that reviews, and tests for the absence of any illegal drug as defined in 10 CFR 707.4, will be conducted by the employer and a background investigation by the Federal government may be required to obtain an access authorization prior to employment, and that subsequent reinvestigations may be required. If the position is covered by the Counterintelligence Evaluation Program regulations at 10 CFR part 709, the announcement should also alert applicants that successful completion of a counterintelligence evaluation may include a counterintelligence-scope polygraph examination.
