Posted 6 months ago
This position is remote based.
The Red Team is responsible for driving red team process, strategy, and execution to improve overall security posture for GitLab internal, GitLab.com, and products. This is achieved through many means, including, but not limited to threat modeling, attacker model/methodology, risk impact assessment, attack simulation, and other methods.
As a member of the security team at GitLab, you will be working towards raising the bar on security. We will achieve that by working and collaborating with cross-functional teams to provide guidance on security best practices.
The Security Team ( https://about.gitlab.com/handbook/engineering/security/ ) is responsible for leading and implementing the various initiatives that relate to improving GitLab's security.
- Utilize threat modeling concepts and frameworks such as MITRE ATT&CK, STRIDE, etc. to constantly identify ways to protect and defend GitLab assets by executing attacks that emulate a range of adversaries
- Deliver measured results each quarter through metrics collection/reporting and OKRs
- Hire and manage a successful and impactful red team
- Work collaboratively and constructively across multiple departments at GitLab to enhance overall security posture
- Manage external contractors engaged by GitLab to conduct third-party red teaming activities
- Publish blog posts and present talks at security conferences
- Contribute to GitLab products by testing and proposing new features
- You have at least 3 years of prior experience with conducting red teaming and/or pentesting tasks
- You have a passion for security and open source
- You are a team player, and enjoy collaborating with cross-functional teams
- You are a great communicator
- You employ a flexible and constructive approach when solving problems
- You share our values ( https://about.gitlab.com/handbook/values/ ), and work in accordance with those values
- Please view the compensation range for this role at the bottom of the position description ( https://about.gitlab.com/job-families/engineering/security-management/ ).