Infrastructure Security Engineer - Security Logging

The Security Logging engineers own security initiatives related to security of GitLab.com. They work to improve the coverage and usability of security-data on GitLab. They work very closely with the Security Incident Response Team [SIRT] and share findings proactively.

Responsibilities

• Be part of the architectural direction, administration, maintenance, documentation, and oversight of the Security information and event management [SIEM] solution
• Create and maintain integrations and solutions for the log collection, aggregation, indexing, search, alerting
• Manage implementation, enhancement and adoption of the solutions built by the team into operations
• Utilize log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers
• Conduct incident response investigations
• Collect and review security logs from all systems (Cloud Providers, GitLab, OS, G-Suite, OKTA, IDS, etc.)
• Ensure compliance with internal policies, standards, and regulatory requirements
• Contribute to creation of runbooks

Requirements

• Ability to use GitLab
• Good written and verbal communication skills
• Experience working in site-reliability engineering, cloud security, system engineering, or similar positions
• Experience with Google Cloud Platform (preferred) or Amazon Web Services
• Substantial knowledge of the Linux operating system
• Experience with one or more programming languages (Python and either Ruby, Go, or PHP)
• Demonstrated experience with running systems at scale
• Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and can succinctly document technical details
• Share our values, and work in accordance with those values

Levels

Senior Log Management Engineer

This position reports to the Manager, Infrastructure Security.

Senior Log Management Engineer Job Grade

The Senior Log Management Engineer is a grade 7.

Senior Log Management Engineer Responsibilities

• Create and provide oversight for rule creation to generate actionable security alerts
• Be a subject-matter expert (SME) of at least 1 technical area impacting the security of the product
• Identify inconsistencies in logs and work with development, infrastructure and security teams and work to standardize them
• Assist on root cause analysis (RCA) and security incident reviews
• Guarantee the availability, and recoverability of the SIEM ecosystem
• Assist on actions to mitigate any threats based on findings
• Mentor other members of the Security Team
• Ownership and delivery on complex projects

Senior Log Management Engineer Requirements

• Experience working with incident response
• Experience with logging systems and log analysis
• Experience using and administrating analysis platforms such as Splunk, ELK, BigQuery, etc…
• Experience with orchestration technologies such as Chef, Puppet or Ansible
• Experience with infrastructure-as-code
• Working experience with Kubernetes and Docker
• Capability to build working relationships with key stakeholders

Hiring Process

Work remotely from anywhere in the world. Curious to see what that looks like? Check out our remote manifesto and guides.

To view the full job description and its compensation calculator, view our handbook. The compensation calculator can be found towards the bottom of the page.

For Colorado residents: The base salary range for this role’s listed level is currently $124,300-$226,400 for Colorado residents only. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, and alignment with market data. See more information on our benefits and equity. Sales roles are also eligible for incentive pay targeted at up to 100% of the offered base salary. Disclosure as required by the Colorado Equal Pay for >Equal Work Act, C.R.S. § 8-5-101 et seq.

Additional details about our process can be found on our hiring page.