GitLab logo
GitLab

GitLab, founded in 2011 and based in San Francisco, California, maintains a distributed team of professionals that work remotely across multiple continents. Git

Senior Security Engineer, Security Incident Response Team

Security OperationsSecurity OperationsFull TimeRemoteSeniorTeam 2,500Since 2014Company Site

Location

Europe

Posted

2 days ago

Salary

0

Seniority

Senior

Job Description

Senior Security Engineer, Security Incident Response Team

GitLab

• Lead and coordinate end-to-end incident response for high-severity security events within a 24/7 global on-call model, with this role operating during EMEA business hours • Prepare clear executive communications that keep stakeholders informed during incidents • Investigate complex security incidents across cloud environments, applying strong Digital Forensics and Incident Response (DFIR) methodologies • Partnering with Signals Engineering to design and implement detection capabilities, including SIEM use cases, alerting strategies, and telemetry pipelines • Build and enhance automation and AI-assisted workflows to improve triage, investigation speed, and response consistency • Partner with Threat Intelligence to contextualize threats and improve detection coverage • Conduct root cause analysis (RCA) and lead post-incident reviews to drive continuous improvement and risk reduction • Develop and maintain runbooks, playbooks, and operational documentation • Collaborate cross-functionally (Engineering, Infrastructure, Legal, Product, Communications, etc) during incidents and lead proactive initiatives (e.g. tabletops) • Mentor other engineers and help elevate the team’s overall incident response maturity

Job Requirements

  • Strong experience in security incident response and investigations in cloud-first environments
  • Experience using or administering Git/GitLab in a security or engineering context
  • Hands-on experience with SIEM, EDR, and/or detection engineering
  • Experience with cloud platforms (AWS & GCP)
  • Familiarity with threat intelligence and adversary tactics (e.g., MITRE ATT&CK)
  • Experience building or working with automation (e.g., Python, scripting, SOAR platforms)
  • Interest or experience in applying AI/ML or data-driven techniques to detection, triage, or response workflows
  • Strong analytical and problem-solving skills; ability to operate effectively during high-severity incidents
  • Excellent written communication skills with a passion for clear, actionable documentation
  • Growth mindset with a proactive approach to identifying and mitigating security risks

Benefits

  • Benefits to support your health, finances, and well-being
  • Flexible Paid Time Off
  • Team Member Resource Groups
  • Equity Compensation & Employee Stock Purchase Plan
  • Growth and Development Fund
  • Parental Leave

Related Categories

Related Job Pages

More Security Operations Jobs

Full TimeRemoteTeam 10,001+H1B Sponsor

Role Description Fortinet is seeking a dynamic and results-oriented individual to join our team as a SECOPS Business Development Manager. In this role, you will be responsible for driving business growth and expanding our market presence in the Security Operations (SECOPS) sector. You will play a pivotal role in identifying new business opportunities, building strategic partnerships, and driving revenue growth through effective sales strategies. - Develop and execute strategic plans to drive business growth in the SECOPS sector, leveraging Fortinet's industry-leading cybersecurity solutions. - Identify and cultivate relationships with key decision-makers, influencers, and stakeholders in target organizations. - Collaborate with cross-functional teams including sales and Pre-Sales, marketing and Channel to develop and execute Go-to-Market strategies. - Drive SecOps sales opportunities together with Sales and Pre-Sales through the entire sales cycle, from lead generation to closing deals. - Conduct market research and analysis to identify emerging trends, competitive landscape, and customer needs. - Provide input to product development teams based on market feedback and customer requirements. - Educate Sales Teams on positioning of the Fortinet offering. - Meet and exceed sales targets, revenue goals, and other key performance metrics. - Represent Fortinet at industry events, conferences, and seminars to showcase our SECOPS solutions and thought leadership. Qualifications - Bachelor's degree in Business Administration, Marketing, Computer Science, or related field. MBA is a plus. - Proven track record of success in business development, sales, or account management roles within the cybersecurity industry, with a focus on SECOPS solutions. - Strong understanding of Security Operations Center (SOC) environments, security incident response, threat detection, and remediation. - Excellent communication, presentation, and negotiation skills. Ability to articulate complex technical concepts to both technical and non-technical audiences. - Self-motivated, proactive, and results-driven with the ability to work effectively in a fast-paced, dynamic environment. - Strong analytical skills with the ability to analyze market trends, customer data, and sales performance metrics. - Experience working with channel partners, resellers, and distributors is a plus. - Willingness to travel as needed. Benefits - Opportunity to work for a global leader in cybersecurity with a strong reputation for innovation and excellence. - Competitive compensation package including base salary, commission, and benefits. - Career growth opportunities in a dynamic and fast-growing industry. - Collaborative and inclusive work environment with a focus on teamwork and professional development. Company Description Fortinet is a global leader in high-performance cybersecurity solutions. With a mission to secure People, Devices and Data everywhere, Fortinet offers a comprehensive suite of products and services to protect businesses of all sizes.

DACH
Danaher Corporation logo

Analyst, Security Operations

Danaher Corporation

Join our winning team today. Together, we’ll accelerate the real-life impact of tomorrow’s science and technology. We partner with customers across the globe to help them solve their most complex challenges, architecting solutions that bring the power of science to life. For more information, visit www.danaher.com .

Full TimeRemoteTeam 10,001+H1B Sponsor

• Review and respond to security events • Investigate to root cause with multiple internal organizations • Mentor junior analysts and support onboarding of new team members • Document existing processes for handling security escalations • Support Incident Response containment and eradication activities • Develop relationships with multiple Security and IT teams

United States
$125K - $145K / year

Role Description CertifyOS is looking for a versatile IT Systems & Security Operations Specialist to bridge the gap between technical infrastructure management and security compliance. This mid-senior role is designed for a technical "all-rounder" who can manage L1 helpdesk escalations, lead complex system configurations, and ensure our organization remains audit-ready. As a critical member of our global infrastructure team, you will move beyond standard ticket resolution to focus on system improvement, automation, and advanced security governance. Work Timing: Rotational shifts (Including Night Shifts) Key Responsibilities - Advanced Systems Configuration & Improvement - Lead senior-level configuration and optimization of core SaaS platforms, including Google Workspace, JumpCloud (Identity Management), and Slack. - Architect and maintain Single Sign-On (SSO) integrations and Identity and Access Management (IAM) policies across all enterprise tooling. - Proactively identify bottlenecks in our current IT stack and implement technical solutions to enhance performance and user experience. - Security Operations & Compliance Audits - Proactively improving IT, Cloud, and Data security frameworks to mitigate risks. - Conduct regular, comprehensive audits of user permissions and system logs to ensure compliance with the principle of least privilege. - Conducting regular user access audits and monitoring security dashboards to lead technical vulnerability remediation. - Monitor security dashboards (EDR/MDM) and lead the technical remediation of identified vulnerabilities across the endpoint fleet. - IT Operations, Lifecycle Management & Support - Serve as the primary senior technical resource for L1 Helpdesk analysts, resolving complex escalations that require deeper system access. - Manage the full employee lifecycle, including ownership of end-to-end onboarding, offboarding, and asset retrieval processes, coordinating seamlessly with stakeholders. - Security, Compliance & Client Due Diligence - Lead responses to customer security questionnaires, RFPs, and TPRA/vendor security reviews, ensuring consistency and accuracy. - Serve as a key point of contact for client-facing security and compliance inquiries during due diligence processes. - Support the Security team in collecting and organizing evidence for SOC 2, HIPAA, and HITRUST audit readiness. - Process Automation - Design and implement automation scripts (Python/Bash) or low-code workflows to streamline repetitive IT tasks. - Continuously improve the automated provisioning process to ensure new hires are fully productive within their first 24 hours. - Performance, Reporting & OKRs - Own and maintain weekly and monthly IT/Security OKRs, including tracking progress, reporting metrics, and taking full initiative ownership. Qualifications - 5–8 years of progressive experience in IT Operations and Security. - Advanced knowledge of Google Workspace administration, JumpCloud (or similar IDP/MDM), and GCP IAM. - Deep experience in security frameworks (HIPAA/HITRUST/SOC 2), including hands-on experience supporting and maintaining SOC 2 audits. - Deep hands-on experience supporting and maintaining SOC 2 compliance/audit readiness. - Practical experience with scripting languages (Python) or automation tools to drive operational efficiency. - Must be comfortable working in a rotational shift environment, including night shifts, to support our global 24/7 operations. Preferred Qualifications - Relevant certifications (e.g., CompTIA Security+, Google Professional Workspace Administrator). - Previous experience in a high-growth startup or the healthcare technology industry. - Strong communication skills with the ability to report technical progress directly to executive leadership. Benefits - 100% coverage of health, dental, and vision insurance premiums for employees. - Unlimited PTO, with at least two weeks off each year to recharge for US-based team members. - Health insurance, statutory leave benefits, and additional wellness (menstrual) leave for women in India. - Commitment to building an inclusive environment where everyone feels valued and empowered. - Reasonable accommodations during the application process available upon request. - Commitment to pay transparency and fostering an open culture where compensation conversations are encouraged and respected.

India
Full TimeRemoteTeam 1,001-5,000Since 2005H1B Sponsor

• Lead day-to-day SOC operations across cloud and on-prem environments • Serve as Incident Commander for major security incidents • Drive AI-powered security operations, automation, and threat detection initiatives • Lead detection engineering, threat hunting, and response improvements • Own and optimize SIEM, SOAR, EDR/XDR, and threat intelligence platforms • Develop incident response plans, playbooks, and automation workflows • Partner with IT, Cloud, Risk, and Compliance teams to strengthen security posture • Mentor and develop SOC analysts and security engineers

Illinois
$129.4K - $188.1K / year