Security Manager, Application Security

GitLab (View all Jobs)

Remote

Please mention No Whiteboard if you apply!
I'm a one-man team looking to improve tech interviews, and could use any support! 😄


Interview Process

1. A series of video calls 2. Coding exercise involving working on a Merge Request that is like a real work task

Salary

$140,000-$255,000

Programming Languages Mentioned

R


The GitLab DevOps platform empowers 100,000+ organizations to deliver software faster and more efficiently. We are one of the world’s largest all-remote companies with 1,600+ team members and values that guide a culture where people embrace the belief that everyone can contribute.

Application Security Engineers work closely with development teams, product managers (PM), and third-party groups (including the paid bug bounty program) to ensure that GitLab products are secure.

This position reports to the Security Engineering and Research Director role at GitLab.

The Application Security Manager is a grade 8.

  • Hire and oversee a world-class team of application security engineers.
  • Help their team grow their skills and experience.
  • Provide input on security architecture, issues, and features.
  • Hold regular 1:1's with all members of their team.
  • Create a sense of psychological safety on their team.
  • Recommend security-related technical and process improvements.
  • Author project plans for security initiatives.
  • Draft and successfully execute on quarterly OKRs.
  • Train team members to screen candidates and conduct managerial interviews.
  • Sense of ownership, urgency, and drive.
  • Excellent written and verbal communication skills, especially experience with executive-level communications.
  • Ability to make concrete progress in the face of ambiguity and imperfect knowledge.
  • Prepare and deliver meaningful metrics to Security Engineering and Research leadership.
  • Demonstrable prior people management experience. Enjoys working hard; is action-oriented and full of energy for the things he/she sees as challenging; not fearful of acting with a minimum of planning; seizes more opportunities than others.
  • Can effectively cope with change; can shift gears comfortably; can decide and act without having the total picture; isn’t upset when things are up in the air; doesn’t have to finish things before moving on; can comfortably handle risk and uncertainty.
  • Knows how businesses work; knowledgeable in current and possible future policies, practices, trends, and information affecting their business and organization; knows the competition; is aware of how strategies and tactics work in the marketplace.
  • Deals with problem reports firmly and in a timely manner; doesn’t allow problems to fester; regularly reviews performance and holds timely discussions; can make negative decisions when all other efforts fail; deals effectively with troublemakers.
  • Makes good decisions (without considering how much time it takes) based upon a mixture of analysis, wisdom, experience, and judgment; most of their solutions and suggestions turn out to be correct and accurate when judged over time; sought out by others for advice and solutions.
  • Provides challenging and stretching tasks and assignments; holds frequent development discussions; is aware of each report’s career goals; constructs compelling development plans and executes them; pushes reports to accept developmental moves; will take reports who need work; is a people builder.
  • Is good at establishing clear guidance; sets stretching goals; distributes the workload appropriately; lays out work in a well-planned and organized manner; maintains two-way dialogue with others on work and results; brings out the best in people; is a clear communicator.
  • Is widely trusted; is seen as a direct, truthful; can present the unvarnished truth in an appropriate and helpful manner; keeps confidences; admits mistakes; doesn’t misrepresent him/herself for personal gain.
  • Doesn’t hold back anything that needs to be said; provides current, direct, complete, and “actionable” positive and corrective feedback to others; lets people know where they stand; faces up to people problems on any person or situation (not including direct reports) quickly and directly; is not afraid to take negative action when necessary.
  • Assigns responsibility for tasks and decisions; sets clear goals and measures; monitors process, progress, and results; designs feedback loops into work.
  • Creates a climate in which people want to do their best; can motivate many kinds of reports and team or project members; can assess each person hot button and use it to get the best out of him/her; pushes tasks and decisions down; empowers others; invites input from each person and shares ownership and visibility; makes each person feel their work is important; is someone people like working for and with.
  • Scopes out length and difficulty of tasks and projects; sets goals; breaks down work into the process steps; develops schedules and task/people assignments; anticipates and adjusts for problems and roadblocks; measures performance against goals; evaluates results.
  • Uses rigorous logic and methods to solve difficult problems with effective solutions; probes all fruitful sources for answers; can see hidden problems; is excellent at honest analysis; looks beyond the obvious and doesn’t stop at the first answers.
  • Can be counted on to exceed goals successfully; is constantly and consistently one of the top performers; very bottom-line oriented; steadfastly pushes self and others for results.

Candidates for this position can expect the hiring process to follow the order below. Please keep in mind that candidates can be declined from the position at any stage of the process. To learn more about someone who may be conducting the interview, find their job title on our team page.

  • Qualified candidates will be invited to schedule a 30 minute screening call with one of our Global Recruiters.
  • Next, candidates will be invited to schedule 1 or 2 50-minute interviews with Application Security team member peers.
  • Then, candidates will be invited to schedule a 50-minute interview with the Application Security team hiring manager.
  • Finally, candidates will be invited to schedule a 30-minute interview with the Director, Security Engineering & Research.

Additional details about our process can be found on our hiring page.

To view the full job description and its compensation calculator, view our handbook. The compensation calculator can be found towards the bottom of the page.

Additional details about our process can be found on our hiring page.

For Colorado residents: The base salary range for this role’s listed level is currently $140,000-$255,000 for Colorado residents only. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, and alignment with market data. See more information on our benefits and equity. Sales roles are also eligible for incentive pay targeted at up to 100% of the offered base salary. Disclosure as required by the Colorado Equal Pay for >Equal Work Act, C.R.S. § 8-5-101 et seq.

GitLab Inc. is a company based on the GitLab open-source project. GitLab is a community project to which over 2,200 people worldwide have contributed. We are an active participant in this community, trying to serve its needs and lead by example. We have one vision: everyone can contribute to all digital content, and our mission is to change all creative work from read-only to read-write so that everyone can contribute.

We value results, transparency, sharing, freedom, efficiency, self-learning, frugality, collaboration, directness, kindness, diversity, inclusion and belonging, boring solutions, and quirkiness. If these values match your personality, work ethic, and personal goals, we encourage you to visit our primer to learn more. Open source is our culture, our way of life, our story, and what makes us truly unique.

Top 10 Reasons to Work for GitLab:

  1. Mission: Everyone can contribute
  2. ResultsFast growthambitious vision
  3. Flexible Work Hours: Plan your day so you are there for other people & have time for personal interests
  4. TransparencyOver 2,000 webpages in GitLab handbookGitLab Unfiltered YouTube channel
  5. IterationEmpower people to be effective & have an impactMerge Request rateWe dogfood our own productDirectly responsible individuals
  6. Diversity, Inclusion & BelongingA focus on gender parityTeam Member Resource Groupsother initiatives
  7. CollaborationKindnesssaying thanksintentionally organize informal communicationno ego
  8. Total RewardsCompetitive market rates for compensationEquity compensationglobal benefits (inclusive of office equipment)
  9. Work/Life HarmonyFlexible workdayFriends and Family days
  10. Remote Done RightOne of the world's largest all-remote companiesprolific inventor of remote best practices

See our culture page for more!

Work remotely from anywhere in the world. Curious to see what that looks like? Check out our remote manifesto and guides.

Remote-Global

Country Hiring Guidelines: GitLab hires new team members in countries around the world. All of our roles are remote, however some roles may carry specific location-based eligibility requirements. Our Talent Acquisition team can help answer any questions about location after starting the recruiting process.  

Privacy Policy: Please review our Recruitment Privacy Policy. Your privacy is important to us.

GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during the recruiting process.

Please mention No Whiteboard if you apply!
I'm a one-man team looking to improve tech interviews, and could use any support! 😄


Get weekly alerts of new jobs from companies not using whiteboard interviews!