1. You are here:
2. Handbook
3. Security at GitLab
4. Security Assurance
5. Governance and Field Security Team Charter

On this page

• Team Charter
  • Mission
  • Roles and responsibilities
    • Goverance team member roles and responsibilities
    • Field Security team member roles and responsibilities
  • High Level Core Competencies
    • External Security Evangelism
    • Field Security Research
    • Security Sales Enablement
    • Automation
    • Internal Security Evangelism
    • Compliance Monitoring and Oversight
  • Program goals
    • Field Security
    • Governance
  • Program scope
    • Field Security
    • Governance
  • Strengths and skills
    • Field Security
    • Governance

Team Charter

Mission

The mission of the Governance and Field Security team is to: (i) drive the development of GitLab’s internal security strategy and posture through automation, security awareness, policy management, and regulatory and compliance oversight, and (ii) drive company ARR through effective and efficient customer assurance activities and external security evangelism; and support the sales organization through field security focused training and strategy alignment.

Roles and responsibilities

Please refer to the following roles and responsibilities for Governance and Field Security team members:

Goverance team member roles and responsibilities

Field Security team member roles and responsibilities

High Level Core Competencies

External Security Evangelism

• External communication of security strategy via different media (audio, video, written, etc.)
• Initiatives to support thought leadership and market positioning
• Building collateral pieces to improve knowledge of internal security posture

Field Security Research

• Discovery and communication of internal and external security events to support the development of Field Security’s strategy
• Empowering sales by providing internal documentation to help shorten the current sales cycle
• Highlighting topics stemming from customer feedback to inform the Security Assurance roadmap

Security Sales Enablement

• Execution of customer assurance activities
• Identifying opportunities to streamline Field Security’s involvement in the sales cycle

Automation

• Development of new automated processes
• Enhancement of existing automated processes

Internal Security Evangelism

• Policy and procedure management
• Security awareness

Compliance Monitoring and Oversight

• Awareness and communication of new or updated regulatory and compliance requirements

Program goals

Field Security

• Help to increase monthly ARR for the company through customer assurance activities
• Support customer security needs and requirements to drive customer attainment, retention, and satisfaction
• Increase awareness of GitLab’s security capabilities and GitLab Inc’s security controls through external evangelism activities

Governance

• Improve general internal security awareness, including Phishing awareness, for all team members
• Develop role based security training for high risk team members
• Maintain awareness of existing and new regulatory and compliance requirements, and feed that information to relevant teams for triage and action
• Develop and maintain a holistic set of policies and procedures to support regulatory, compliance, and operational requirements
• Improve the effectiveness and efficiency of existing and new processes through automation.
• Automate compliance controls and compliance control monitoring processes
• Reduce the amount of time consumed by manual tasks.

Program scope

Field Security

The scope of the Field Security program is company-wide. Field Security collaborates with all cross-functional teams to support the execution of customer assurance, external evangelism, and security sales enablement activities.

Governance

The scope of the Governance program is company-wide. Governance collaborates with all cross-functional teams to support security awareness, internal security evangelism, automation, policy and procedure management, and compliance monitoring and oversight activities.

Strengths and skills

Field Security

• Great interpersonal skills
• Effective time management
• Detail oriented
• Broad understanding of security related topics
• Effective communication skills

Governance

• Process and detail oriented
• Technical acumen
• Analytical acumen
• Attention to diverse audiences
• Effective communication skills