Security Operations Sub-department

Maintained by:

Vision

Protect company property by identifying, preventing, detecting and responding to risks and security events targeting the business and GitLab.com and its users. We are at the forefront of GitLab's security.

Mission

The Security Operations Sub-department focuses on the operational aspect of security. Our Sub-department consists of experienced breakers, builders, and defenders from all walks of life and geographic locations. We are responsible for improving GitLab's security capabilities and metrics in the areas of:

Security anomaly/event detection and incident response - SIRT - Security Incident Response Team, Issues Tracker
Abuse of GitLab.com - Trust & Safety, Issues Tracker

Sub-department Members

The following people are permanent members of the Security Operations Sub-department:

Person	Role

All Team Members

The following people are permanent members of teams that belong to the Operations Sub-department:

Trust & Safety

Person	Role
Charl de Wit	Security Manager, Trust & Safety
Aaron Lindby	Senior Security Analyst, Trust and Safety
Joanna Rubi	Security Engineer
Roger Ostrander	Senior Security Engineer, Trust & Safety
Shawn Sichak	Security Engineer, Trust & Safety
Westley van den Berg	Senior Security Analyst, Trust & Safety

Security Incident Response Team

Person	Role

Resources and Tools

Security Enclave GCP Environment

For activities and tools that require confidentiality and availability independent of GitLab.com resources, an independent GCP environment

The main project for tracking work is security-enclave>.

Common Links

How to Engage the Security Engineer On-Call
Slack channel to interact with the teams #security-department
GitLab Security Department Group (GitLab)
GitLab Security Operations Sub-department Group (GitLab)
GitLab "Purple Team" processes & procedures