Manager, Security Incident Response Team (USA)

GitLab is the intelligent orchestration platform for DevSecOps. GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 50 million registered users and more than 50% of the Fortune 100* trust GitLab to ship better, more secure software faster.

The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier, with all team members expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact. GitLab is where careers accelerate, innovation flourishes, and every voice is valued. Our high-performance culture is driven by our values and continuous knowledge exchange, enabling our team members to reach their full potential while collaborating with industry leaders to solve complex problems. Co-create the future with us as we build technology that transforms how the world develops software.

*Fortune 500® is a registered trademark of Fortune Media IP Limited, used under license. Claim based on GitLab data. Fortune 100 refers to the top 20% ranked companies in the 2025 Fortune 500 list, published in June 2025. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of GitLab.

An Overview of This Role

We’re looking for a manager to lead the GitLab security incident response team (SIRT) in the Americas region. GitLab SIRT manages and investigates cybersecurity incidents across all GitLab operating environments and operates in a tierless SOC model. The team is responsible for threat hunting, alert triage, security investigations, deep-dive DFIR, and large-scale incident response, among other responsibilities.

In this role, you will manage the day-to-day work of a team of incident response engineers - setting clear performance expectations, coaching their growth, and holding the team accountable for delivering quality results. You should have a strong technical background, be comfortable owning the full incident lifecycle from alert triage to retrospective actions, and be skilled at developing others to do the same.

We are looking for someone who makes sound operational decisions under pressure and who actively looks for opportunities to "shift left" - improving defenses and leveraging AI and automation to optimize team workflows. You will implement program direction, maintain a culture of high performance, and defend GitLab infrastructure and products including GitLab.com, GitLab Dedicated, and GitLab Dedicated for Government (FedRAMP).

This role requires availability during US West Coast business hours. Candidates based on the West Coast are preferred, though candidates in other time zones who are comfortable working these hours are also welcome to apply. Some after-hours and weekend coverage may be required to support engineers during high-severity incidents.

Learn more about the Security Operations Department

Security Incident Response Team

Trust and Safety Team

Security Logging Team

Red Team

Signals Engineering Team

What You'll Do

Manage day-to-day team operations - establish clear goals, performance expectations, and accountability for direct reports; monitor progress and ensure timely delivery of quality results.

Develop and coach incident responders - provide candid, real-time feedback; advise on career growth; and foster a culture of investigation excellence, prioritizing depth and accuracy of analysis.

Proactively identify and fill talent gaps - participate in hiring decisions with a focus on candidates who will amplify GitLab's values and raise the team's technical bar.

Drive engagement and retention - recognize team member contributions, address engagement risks early, and create an environment of open feedback and psychological safety.

Cascade organizational context - translate division and company-wide strategy into clear, actionable team