Senior Security Risk Engineer - GitLab None Bookmark Share Print 637 0 0

Listing Description

As members of GitLab's Security Assurance sub department, the Security Risk team identifies, tracks, monitors and advises on security risks both operationally and for third party vendors. The team is responsible for implementation of proactive security risk management programs.



This position reports to the Manager, Security Risk at GitLab.



The Senior Security Risk Engineer is a 7.




  • Extends the Security Risk Engineer responsibilities

  • Execute end to end Security Risk initiatives in accordance with the compliance roadmap

  • Develop indicators to identify and control potential security operational risks

  • Develop risk treatment plans with risk owners to mitigate operational risks and test treatment plans for closure

  • Document detailed observations and meaningful remediation recommendations to mitigate third party risk

  • Map operational risks to common controls and advise on new common controls needed to cover emerging risks

  • Execute peer reviews and provide meaningful feedback

  • Design requirements for Security Risk automation tasks

  • Recommend new Security Risk metrics and automate reporting of existing metrics




  • Ability to use GitLab

  • At least 5 years of experience conducting customer support, security and risk management activities

  • Detailed experience with common risk management standards and models such as: ISO 31000, NIST 800-39, FAIR, ISACA Risk IT, OCTAVE

  • Demonstrated experience with at least four security control frameworks such as: SOC 2, ISO, NIST, COSO, COBIT

  • Demonstrated industry security experience, particularly in DevSecOps, Application Security and/or Cloud-Native Security



Candidates for this position can expect the hiring process to follow the order below. Please keep in mind that candidates can be declined from the position at any stage of the process. To learn more about someone who may be conducting the interview, find their job title on our team page.



  • Qualified candidates will be invited to schedule a 30 minute screening call with one of our Global Recruiters.

  • Next, candidates will be invited to schedule a 50-minute interviews with the hiring manager,

  • Then, candidates will be invited to schedule 3 separate 50-minute interviews with 3 different peers from within the Security orgnaization,

  • Finally, candidates will be invited to schedule a 25-minute interview with the Director, Security Risk and Compliance (Security Assurance).


Additional details about our process can be found on our hiring page.


Compensation


For Colorado residents: The base salary range for this role’s listed level is currently $110,900-$202,000 for Colorado residents only. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, and alignment with market data. See more information on our benefits and equity. Sales roles are also eligible for incentive pay targeted at up to 100% of the offered base salary. Disclosure as required by the Colorado Equal Pay for >Equal Work Act, C.R.S. § 8-5-101 et seq.

To view the full job description and its compensation calculator, view our handbook. The compensation calculator can be found towards the bottom of the page.




GitLab Inc. is a company based on the GitLab open-source project. GitLab is a community project to which over 2,200 people worldwide have contributed. We are an active participant in this community, trying to serve its needs and lead by example. We have one vision: everyone can contribute to all digital content, and our mission is to change all creative work from read-only to read-write so that everyone can contribute.


We value results, transparency, sharing, freedom, efficiency, self-learning, frugality, collaboration, directness, kindness, diversity, inclusion and belonging, boring solutions, and quirkiness. If these values match your personality, work ethic, and personal goals, we encourage you to visit our primer to learn more. Open source is our culture, our way of life, our story, and what makes us truly unique.


Top 10 Reasons to Work for GitLab:



  1. Mission: Everyone can contribute

  2. ResultsFast growthambitious vision

  3. Flexible Work Hours: Plan your day so you are there for other people & have time for personal interests

  4. TransparencyOver 2,000 webpages in GitLab handbookGitLab Unfiltered YouTube channel

  5. IterationEmpower people to be effective & have an impactMerge Request rateWe dogfood our own productDirectly responsible individuals

  6. Diversity, Inclusion & BelongingA focus on gender parityTeam Member Resource Groupsother initiatives

  7. CollaborationKindnesssaying thanksintentionally organize informal communicationno ego

  8. Total RewardsCompetitive market rates for compensationEquity compensationglobal benefits (inclusive of office equipment)

  9. Work/Life HarmonyFlexible workdayFriends and Family days

  10. Remote Done RightOne of the world's largest all-remote companiesprolific inventor of remote best practices


See our culture page for more!



Work remotely from anywhere in the world. Curious to see what that looks like? Check out our remote manifesto and guides.


 

Remote-Global

Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided

 

  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided

About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

Useful Links

Our Contacts

1765 Greensboro Station Pl.
Suite 900
Tysons Corner Va 22102

(703) 594-7765

requests@ninjajobs.org
www.ninjajobs.org
Chat with us!