{"schemaVersion":"jobsearcher.job.v1","id":"a9c2b8a5b6a2a12781295e97","url":"https://jobsearcher.com/jobs/a9c2b8a5b6a2a12781295e97","canonicalUrl":"https://jobsearcher.com/jobs/a9c2b8a5b6a2a12781295e97","title":"Manager, Security Incident Response Team","description":"Job Description: Manage day-to-day team operations - establish clear goals, performance expectations, and accountability for direct reports; monitor progress and ensure timely delivery of quality results.Develop and coach incident responders - provide candid, real-time feedback; advise on career growth; and foster a culture of investigation excellence, prioritizing depth and accuracy of analysis.Proactively identify and fill talent gaps - participate in hiring decisions with a focus on candidates who will amplify GitLab's values and raise the team's technical bar.Drive engagement and retention - recognize team member contributions, address engagement risks early, and create an environment of open feedback and psychological safety.Cascade organizational context - translate division and company-wide strategy into clear, actionable team priorities; keep team members informed in a timely manner.Implement and mature incident response processes - build and improve runbooks, procedures, and team capabilities that translate functional plans into tactical execution.Lead incident response - serve as an escalation point and incident commander for high-severity events, including occasional nights and weekends; model the standard for quality investigations.Enable cross-functional collaboration - coordinate effectively with peer SecOps teams, Legal, Customer Support, and Infrastructure to resolve incidents and close defense gaps through actionable retrospective mitigations.Align the team on defensive improvements - drive insights from alerts, investigations, and incidents to improve GitLab's security posture and support a \"shift left\" mindset.Champion remote-first practices - consistently model and coach team members on GitLab's remote working best practices, async communication norms, and handbook-first culture.Requirements: Proven people management experience - track record of managing and developing a team of security engineers, setting performance expectations, providing coaching, and driving accountability for results.Incident response leadership - demonstrated experience leading complex incident response operations, including large-scale incident coordination and the full lifecycle from triage to retrospective.Hands-on technical background - experience conducting security investigations and log analysis using SIEM tools (e.g., Splunk, Elastic); working knowledge of GCP and/or AWS, including cloud forensics.Customer-facing credibility - comfortable representing GitLab Security during customer escalations and high-visibility cybersecurity discussions.Proactive hunting and threat intelligence - proficiency in threat hunting based on intelligence, and familiarity with supply chain threats targeting SaaS platforms.AI and automation mindset - experience using AI/LLMs to improve incident response workflows and automate repetitive processes.Platform familiarity - experience using GitLab (or a comparable DevSecOps platform) for project tracking; bonus if you have experience responding to threats against a SaaS platform.Prioritization under pressure - ability to make sound operational decisions quickly, escalate issues cleanly, and guide the team on balancing what is urgent versus what is important.Due to government requirements, you must be a United States Citizen (defined as any individual who is a citizen of the United States by law, birth, or naturalization) to fill this position.Benefits: Benefits to support your health, finances, and well-beingFlexible Paid Time OffTeam Member Resource GroupsEquity Compensation & Employee Stock Purchase PlanGrowth and Development FundParental Leave","company":"GitLab","rawCompany":"gitlab","city":"Remote","state":"OR","isRemote":false,"isActive":false,"createdAt":"2026-05-21T02:39:54.438Z","occupations":[{"code":"11-3013.01","title":"Security Managers","slug":"security-managers"},{"code":"11-3021.00","title":"Computer and Information Systems Managers","slug":"computer-and-information-systems-managers"},{"code":"13-1199.07","title":"Security Management Specialists","slug":"security-management-specialists"}],"industries":[{"code":"541512","title":"Computer Systems Design Services","slug":"computer-systems-design-services"},{"code":"541511","title":"Custom Computer Programming Services","slug":"custom-computer-programming-services"},{"code":"513210","title":"Software Publishers","slug":"software-publishers"}],"jobPosting":{"@context":"https://schema.org","@type":"JobPosting","title":"Manager, Security Incident Response Team","description":"Job Description: Manage day-to-day team operations - establish clear goals, performance expectations, and accountability for direct reports; monitor progress and ensure timely delivery of quality results.Develop and coach incident responders - provide candid, real-time feedback; advise on career growth; and foster a culture of investigation excellence, prioritizing depth and accuracy of analysis.Proactively identify and fill talent gaps - participate in hiring decisions with a focus on candidates who will amplify GitLab's values and raise the team's technical bar.Drive engagement and retention - recognize team member contributions, address engagement risks early, and create an environment of open feedback and psychological safety.Cascade organizational context - translate division and company-wide strategy into clear, actionable team priorities; keep team members informed in a timely manner.Implement and mature incident response processes - build and improve runbooks, procedures, and team capabilities that translate functional plans into tactical execution.Lead incident response - serve as an escalation point and incident commander for high-severity events, including occasional nights and weekends; model the standard for quality investigations.Enable cross-functional collaboration - coordinate effectively with peer SecOps teams, Legal, Customer Support, and Infrastructure to resolve incidents and close defense gaps through actionable retrospective mitigations.Align the team on defensive improvements - drive insights from alerts, investigations, and incidents to improve GitLab's security posture and support a \"shift left\" mindset.Champion remote-first practices - consistently model and coach team members on GitLab's remote working best practices, async communication norms, and handbook-first culture.Requirements: Proven people management experience - track record of managing and developing a team of security engineers, setting performance expectations, providing coaching, and driving accountability for results.Incident response leadership - demonstrated experience leading complex incident response operations, including large-scale incident coordination and the full lifecycle from triage to retrospective.Hands-on technical background - experience conducting security investigations and log analysis using SIEM tools (e.g., Splunk, Elastic); working knowledge of GCP and/or AWS, including cloud forensics.Customer-facing credibility - comfortable representing GitLab Security during customer escalations and high-visibility cybersecurity discussions.Proactive hunting and threat intelligence - proficiency in threat hunting based on intelligence, and familiarity with supply chain threats targeting SaaS platforms.AI and automation mindset - experience using AI/LLMs to improve incident response workflows and automate repetitive processes.Platform familiarity - experience using GitLab (or a comparable DevSecOps platform) for project tracking; bonus if you have experience responding to threats against a SaaS platform.Prioritization under pressure - ability to make sound operational decisions quickly, escalate issues cleanly, and guide the team on balancing what is urgent versus what is important.Due to government requirements, you must be a United States Citizen (defined as any individual who is a citizen of the United States by law, birth, or naturalization) to fill this position.Benefits: Benefits to support your health, finances, and well-beingFlexible Paid Time OffTeam Member Resource GroupsEquity Compensation & Employee Stock Purchase PlanGrowth and Development FundParental Leave","datePosted":"2026-05-21T02:39:54.438Z","dateModified":"2026-05-21T02:39:54.438Z","hiringOrganization":{"@type":"Organization","name":"GitLab","sameAs":"https://jobsearcher.com"},"jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Remote","addressRegion":"OR","addressCountry":"US"}},"identifier":{"@type":"PropertyValue","name":"JobSearcher","value":"a9c2b8a5b6a2a12781295e97"},"url":"https://jobsearcher.com/jobs/a9c2b8a5b6a2a12781295e97"}}