Job Closed
This listing is no longer active.
Build software faster. The One DevOps Platform enables your entire org to collaborate around your code. We're hiring.
Principal Cybersecurity Incident Manager
Location
United States
Posted
70 days ago
Salary
$168K - $270K / year
Seniority
Lead
Job Description
Principal Cybersecurity Incident Manager
GitLab
• Incident Command & Crisis Leadership: Serve as the primary Incident Commander for critical and complex security events across GitLab.com and corporate infrastructure, providing decisive leadership during high-stress situations • Cross-Functional Coordination: Orchestrate response efforts across Security Operations, Infrastructure, Legal, Engineering, Product, and executive stakeholders, maintaining clear communication streams and unified action plans • Technical Collaboration Leadership: Lead technical calls and/or establish effective async collaboration during incidents, managing participant contributions, keeping discussions focused, and ensuring efficient progress toward resolution • Blameless Post-Incident Reviews: Conduct comprehensive post-incident reviews and retrospectives, driving the creation of action items, process improvements, and systemic enhancements • Playbook Development: Design, maintain, and continuously improve incident response playbooks, runbooks, and standard operating procedures for various incident scenarios in conjunction with SIRT engineers • Process Engineering: Build and refine incident command frameworks, communication protocols, and escalation procedures that scale across a global, all-remote organization • Training & Mentorship: Develop and deliver incident command training programs, mentor incident commanders at various levels, and build organizational muscle memory for effective incident response • Stakeholder Communication: Translate technical incident details into clear, actionable communications for executive leadership, customers, and internal stakeholders • Automation & Tooling: Identify opportunities for automation in incident response workflows and collaborate with engineering teams to build tools that enhance incident management capabilities • Threat Landscape Awareness: Maintain deep understanding of current threat actors, attack vectors, and security trends to inform incident response preparedness
Job Requirements
- 10+ years of experience in information security, with at least 5 years focused on incident response, security operations, or related disciplines
- Demonstrated experience serving as Incident Commander for critical security events in complex, distributed environments
- Command Presence: Proven ability to lead and coordinate teams during high-stress, high-impact incidents with clarity, authority, and calm decisiveness
- Strong knowledge of attacker tactics, techniques, and procedures (eg MITRE ATT&CK framework)
- Technical proficiency with cloud infrastructure (GCP, AWS), container orchestration (Kubernetes), and modern application architectures
- Experience with security information and event management (SIEM) platforms, log analysis, and security monitoring tools
- Excellent written and verbal communication skills, including the ability to communicate technical concepts to non-technical stakeholders and executive leadership
- Demonstrated ability to build relationships and coordinate effectively across security, engineering, legal, and business teams
- Ability to identify systemic issues from incident patterns and drive organizational improvements
- Share our values, and work in accordance with those values
- Nice to haves: Experience working with / in Site Reliability Engineering (SRE), DevOps, or Infrastructure Engineering; Experience with GitLab the product and familiarity with DevSecOps practices; Experience working in an all-remote or distributed team environment.
Benefits
- Benefits to support your health, finances, and well-being
- Flexible Paid Time Off
- Team Member Resource Groups
- Equity Compensation & Employee Stock Purchase Plan
- Growth and Development Fund
- Parental leave
- Home office support
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
• Performs a variety of routine project tasks applied to specialized information assurance problems with operational technology (OT) systems. • Tasks involve integration of OT processes or methodologies with information systems to resolve total system problems, or technology problems as they relate to Cybersecurity requirements. • Analyzes information security requirements. • Applies analytical and systematic approaches in the resolution of problems of workflow, organization, and planning. • Provides security engineering support for planning, design, development, testing, demonstration, integration of OT systems.
• Provides expert support, research and analysis of exceptionally complex problems, and processes relating to them. • Serves as technical expert to the Cybersecurity Assessment Program providing technical direction, interpretation, and alternatives to complex problems. • Thinks independently and demonstrates exceptional written and oral communications skills. • Applies advanced technical principles, theories, and concepts. • Contributes to the development of new principles, concepts, and methodologies. • Works on unusually complex technical problems and provides highly innovative and ingenious solutions. • Recommends cybersecurity software tools and assists in the development of software tool requirements and selection criteria to include the development of product specific STIGs from applicable DISA SRGs. • Works under consultative direction toward predetermined long-range goals and objectives. • Assignments are often self-initiated. • Determines and pursues courses of action necessary to obtain desired results. • Develops advanced technological ideas and guides their development into a final product.
Cloud Security Engineer
Tyto Athene, LLCAt Tyto Athene, we harness the power of technology to provide solutions that shape the future.
• Perform systems administration and maintenance including patching, vulnerability scanning, compliance scanning and remediation, backups, and recovery for cloud workloads • Primarily support AWS environments, including Windows and Linux virtual machines, container workloads, and cloud-native services • Support GCP and Azure cloud environments as needed • Configure, update, and maintain security tools for various security purposes • Troubleshoot issues across network, compute, application, and identity layers • Implement hardening and compliance controls • Remediate vulnerabilities identified by security tools • Provide quality assurance feedback during system deployments • Collaborate with Security Analysts to ensure uninterrupted delivery of security services • Create and maintain documentation • Support client communications, deliverables, and issue resolution • Support and mentor junior engineers • Contribute to automation and infrastructure-as-code initiatives
• Protect what matters most to our associates and customers by leading offensive security capabilities across the enterprise. • Drive strategic and operational excellence across threat intelligence, investigations, and offensive security to proactively identify, assess, and mitigate advanced cyber threats. • Lead and scale Offensive Security functions within the Security Operations organization. • Oversee proactive and reactive investigations, including advanced threat analysis, incident response support, and adversary-focused operations. • Drive offensive security strategies (e.g., threat-inform testing, red-team-aligned activities) to strengthen detection and response capabilities. • Establish tactical and strategic roadmaps aligned to SOC and multi-year cybersecurity objectives. • Mentor and develop high-performing leaders and teams; serve as a subject-matter expert in threat investigations and offensive security disciplines.
