Skip to content
GitLabGitLabUnited States

Manager, Security Incident Response Team (USA)

Leads the Security Incident Response Team in the Americas, managing engineers through threat hunting, investigations, triage, and large-scale responses while coaching performance and driving process improvements using AI and automation.

150k – 235k/yr
RemoteSecurity Engineering

About the role

What You'll Do

  • Manage day-to-day team operations - establish clear goals, performance expectations, and accountability for direct reports; monitor progress and ensure timely delivery of quality results.
  • Develop and coach incident responders - provide candid, real-time feedback; advise on career growth; and foster a culture of investigation excellence, prioritizing depth and accuracy of analysis.
  • Proactively identify and fill talent gaps - participate in hiring decisions with a focus on candidates who will amplify GitLab's values and raise the team's technical bar.
  • Drive engagement and retention - recognize team member contributions, address engagement risks early, and create an environment of open feedback and psychological safety.
  • Cascade organizational context - translate division and company-wide strategy into clear, actionable team priorities; keep team members informed in a timely manner.
  • Implement and mature incident response processes - build and improve runbooks, procedures, and team capabilities that translate functional plans into tactical execution.
  • Lead incident response - serve as an escalation point and incident commander for high-severity events, including occasional nights and weekends; model the standard for quality investigations.
  • Enable cross-functional collaboration - coordinate effectively with peer SecOps teams, Legal, Customer Support, and Infrastructure to resolve incidents and close defense gaps through actionable retrospective mitigations.
  • Align the team on defensive improvements - drive insights from alerts, investigations, and incidents to improve GitLab's security posture and support a "shift left" mindset.
  • Champion remote-first practices - consistently model and coach team members on GitLab's remote working best practices, async communication norms, and handbook-first culture.

What You'll Bring

  • Proven people management experience - track record of managing and developing a team of security engineers, setting performance expectations, providing coaching, and driving accountability for results.
  • Incident response leadership - demonstrated experience leading complex incident response operations, including large-scale incident coordination and the full lifecycle from triage to retrospective.
  • Hands-on technical background - experience conducting security investigations and log analysis using SIEM tools (e.g., Splunk, Elastic); working knowledge of GCP and/or AWS, including cloud forensics.
  • Customer-facing credibility - comfortable representing GitLab Security during customer escalations and high-visibility cybersecurity discussions.
  • Proactive hunting and threat intelligence - proficiency in threat hunting based on intelligence, and familiarity with supply chain threats targeting SaaS platforms.
  • AI and automation mindset - experience using AI/LLMs to improve incident response workflows and automate repetitive processes.
  • Platform familiarity - experience using GitLab (or a comparable DevSecOps platform) for project tracking; bonus if you have experience responding to threats against a SaaS platform.
  • Prioritization under pressure - ability to make sound operational decisions quickly, escalate issues cleanly, and guide the team on balancing what is urgent versus what is important.

Skills

SplunkElasticGCPAWSSIEMGitLabAILLMsThreat HuntingIncident ResponseCloud Forensics
Mercor

Software Engineer, Identity

MercorSan Francisco, CA

Build and scale Mercor's novel identity and access management infrastructure across thousands of Slack workspaces and HR systems for a 100k+ expert network. Requires strong product engineering, large-scale distributed systems experience, and security-minded design instincts.

150k – 325k/yr
On-site5+ YOESecurity Engineering
AKASA

IT Security Operations Engineer

AKASASan Francisco, CA

IT Security Operations Engineer responsible for implementing DLP, email security, endpoint protection, Okta/Google Workspace hardening, automation, compliance evidence collection, and incident response in a hybrid healthcare AI startup.

150k – 190k/yr
Hybrid4+ YOESecurity Engineering
Novig

Security Engineer

NovigNew York, NY

Build and maintain security automation pipelines, AI agents, SOAR/SIEM integrations, vulnerability management, and IAM systems for a sports prediction market platform.

150k – 200k/yr
On-site5+ YOESecurity Engineering
Fal

Governance, Risk & Compliance Engineer

FalSan Francisco, CA

GRC Engineer responsible for designing and improving governance, risk management, and compliance programs at a generative AI platform company. Manage certifications (SOC 2, ISO 27001, GDPR), lead risk assessments, support customer security reviews, and develop automation for cloud and AI infrastructure controls.

150k – 250k/yr
On-site5+ YOESecurity Engineering
Applied Intuition

Security Engineer (Purple Team)

Applied IntuitionSunnyvale, CA

Performs offensive security testing, penetration assessments, and risk analysis on vehicle software platforms and embedded systems. Collaborates with engineering teams to design secure architectures and implement mitigations for automotive products.

150k – 220k/yr
On-siteSecurity Engineering