The security analyst plays a vital role in keeping an organization’s proprietary and sensitive information secure. He/she works inter-departmentally to identify and correct flaws in the company’s security systems, solutions, and programs while recommending specific measures that can improve the company’s overall security posture.
This job family reports to the Director, IT Operations.
- Generate reports for IT administrators and business managers to evaluate the efficacy of the security policies in place.
- Monitor security access
- Perform both internal and external security audits
- Continuously update the company’s incident response and disaster recovery plans
- BA/BS in a business-related field and/or equivalent years of education and experience working in a related field
- 3-5 years of experience in Information Technology or Information Security
- Certified Information Systems Security Professional (CISSP) preferred
- Knowledge of policies and procedures related to GDPR, CCPA, and PCI
- Excellent interpersonal, verbal, and written communication skills with the ability to communicate compliance related concepts to a broad range of technical and non-technical staff
- Successful experience working, collaborating, and establishing credibility and relationships with senior leadership, colleagues, and clients
- Demonstrated success working with internal audit, external auditors, outside consultants, and legal affairs
- Demonstrated experience leading large-scale projects
- Ability to use GitLab
The IT Security Analyst is a grade 6.
The IT Security Analysts share the same responsibilities outlined above.
The IT Security Analyst position has all the same requirements as the ones outlined above plus the following:
Senior IT Security Analyst
Senior IT Security Analyst Job Grade
The IT Security Analyst is a grade 7.
Senior IT Security Analyst Responsibilities
The Senior IT Security Analyst has all the same responsibilities as the intermediate position plus the following:
- Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.
- Work with the security team to perform tests and uncover network vulnerabilities.
- Address questions from internal and external audits and examinations.
- Fix detected vulnerabilities to maintain a high-security standard.
- Stay current on IT security trends and news.
- Develop company-wide best practices for IT security.
- Help colleagues install security software and understand information security management.
- Research security enhancements and make recommendations to management.
- Serve as project manager/lead within IT security projects.
- Promote awareness of applicable regulatory standards, upstream risks, and industry best
Senior IT Security Analyst Requirements
The Senior IT Security Analyst has all the same requirements as the ones outlined above plus the following:
- 5-7 years of experience in Information Technology or Information Security
- 4+ years experience conducting IT compliance assessments (Sarbanes-Oxley, PCI, etc.).
- 4+ years experience in administering IT security controls in an organization.
- Experience with IPS/IDS and SIEM technologies.
- Certified Information Systems Security Professional (CISSP), or related certification.
- Experience in information security or related field.
- Experience with computer network penetration testing and techniques.
- Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts.
- Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
- Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact.
- Evaluate compliance of IT tools or processes
- Evaluate changes to IT tools and processes based on risk
- Provide more detailed and more practical guidance to the organization with the goal of improving compliance related processes and/or procedures.
The next step in the IT Security Analyst job family is to move to a role not currently defined at GitLab.
Candidates for this position can expect the hiring process to follow the order below. Please keep in mind that candidates can be declined from the position at any stage of the process. To learn more about someone who may be conducting the interview, find their job title on our team page.
- Qualified candidates will be invited to schedule a 30 minute screening call with one of our Global Recruiters
- Next, candidates will be invited to schedule a first interview with our Manager, IT
- Candidates will then be invited to schedule a second and third interview with 2-4 members of the IT Operations team in a panel interview
- Candidates will then be invited to schedule a call with our Integrations Engineer
- Finally, candidates will interview with our VP, IT
Additional details about our process can be found on our hiring page.
To find out more about the compensation for this role, please apply to a role first. Once selected for a screening call, you'll be able to sign up here to view our
Be sure to use the same email address for both.
GitLab Inc. is a company based on the GitLab open-source project. GitLab is
a community project to which over 2,200 people worldwide have contributed.
We are an active participant in this community, trying to serve its needs
and lead by example. We have one vision: everyone can
contribute to all digital content, and our mission is to change all creative
work from read-only to read-write so that everyone can contribute.
We value results, transparency, sharing, freedom,
efficiency, self-learning, frugality, collaboration, directness, kindness, diversity, inclusion and belonging,
boring solutions, and quirkiness. If these values match your personality,
work ethic, and personal goals, we encourage you to visit our
primer to learn more. Open source is our culture, our way of
life, our story, and what makes us truly unique.
Top 10 Reasons to Work for GitLab:
- Mission: Everyone can contribute
- Results: Fast growth, ambitious vision
- Flexible Work Hours: Plan your day so you are there for other people & have time for personal interests
- Transparency: Over 2,000 webpages in GitLab handbook, GitLab Unfiltered YouTube channel
- Iteration: Empower people to be effective & have an impact, Merge Request rate, We dogfood our own product, Directly responsible individuals
- Diversity, Inclusion & Belonging: A focus on gender parity, Team Member Resource Groups, other initiatives
- Collaboration: Kindness, saying thanks, intentionally organize informal communication, no ego
- Total Rewards: Competitive market rates for compensation, Equity compensation, global benefits (inclusive of office equipment)
- Work/Life Harmony: Flexible workday, Friends and Family days
- Remote Done Right: One of the world's largest all-remote companies, prolific inventor of remote best practices
See our culture page for more!
Work remotely from anywhere in the world. Curious to see what that looks
like? Check out our remote manifesto and guides.