Security Program Manager

Driving security strategy and initiatives company-wide

The Security Program Manager will be responsible for maintaining a complete overview of, and driving, security initiatives across product, engineering and business enablement. This includes tracking, monitoring and influencing the priority of significant security objectives, goals and plans from all security sub-departments.

Responsibilities

  • Communicate successfully with partners and drive accountability across teams to ensure program objectives are met
  • Gather and examine customer and internal security team needs and opportunities for new information security programs, products and projects
  • Drive organizational needs cross-functionally with product, engineering and finance including tracking and reporting of progress and metrics

Requirements

  • Experience crafting and executing Information Security initiatives, including capturing and redefining requirements into impactful work items
  • Experience driving cross-functional initiatives according to plan and timelines
  • Prioritize effectively and multitask efficiently
  • Proven track record of successful collaboration with internal and external partners
  • Communication, presentation, and documentation skills

Levels

Intermediate Security Program Manager

This position reports to the Vice President of Security at GitLab.

Intermediate Security Program Manager Job Grade

The role is a grade 6.

Intermediate Security Program Manager Responsibilities

All responsibilities listed above (applicable to all roles) plus:

  • Identify and coordinate the interdependencies among programs, products and other critical initiatives for a single Security sub-department
  • Provide insight and suggestions for improving security
  • Research and recommend solutions to security concerns and blockers
  • Oversee project planning and management
  • Communicate successfully within the project team and with security leadership
  • Build trust with direct stakeholders
  • Develop and guide deployment plans and communication with direct stakeholders

Intermediate Security Program Manager Requirements

All requirements listed above (applicable to all roles)

Senior Security Program Manager

This position reports to the Vice President of Security at GitLab.

Senior Security Program Manager Job Grade

The role is a grade 7.

Senior Security Program Manager Responsibilities

All responsibilities of previous roles plus:

  • Identify and coordinate the interdependencies among programs, products and other critical initiatives for 1 or more Security sub-departments
  • Provide insight and suggestions to steer security strategy and roadmap
  • Examine risks associated with programs and prioritize risks accordingly
  • Collaborate on strategy and direction with organizational stakeholders; oversee project planning and management
  • Communicate successfully within the project team and at multiple levels of management, building trust across the organization, and demonstrating care with sensitive information
  • Develop and guide deployment plans and communication with partners

Senior Security Program Manager Requirements

All requirements of previous roles plus:

  • Experience influencing others without having direct management authority and motivating them to successfully complete tasks within required timelines
  • Risk analysis and problem-solving skills
  • Excellent written and verbal communication skills, building relationships with partners

Staff Security Program Manager

This position reports to the Vice President of Security at GitLab.

Staff Security Program Manager Job Grade

The role is a grade 8.

Staff Security Program Manager Responsibilities

All responsibilities of previous roles plus:

  • Identify and coordinate the interdependencies among programs, products and other critical initiatives across all security sub-departments within our organization
  • Assist in defining business requirements and roadmaps in alignment with the overall information security strategy
  • Define acceptance criteria for solutions, value proposition and milestones for execution; validate prototypes with partners and iterate solutions as needed to deliver value
  • Track and provide reporting and measurements of program effectiveness and communicate findings to management
  • Develop repeatable, scalable, efficient, and effective processes

Staff Security Program Manager Requirements

All requirements of previous roles plus:

  • Advanced technical
  • Advanced understanding of application, development and infrastructure frameworks
  • Advanced analytical skills for assessing and recommending solutions based on data and research

Principal Security Program Manager

This position reports to the Vice President of Security at GitLab.

Principal Security Program Manager Job Grade

The role is a grade 9.

Principal Security Program Manager Responsibilities

All responsibilities of previous roles plus:

  • Expanded sphere of influence in driving security initiatives across the company
  • Own and independently drive goals and objectives furthering the security strategy and roadmap
  • Accountable and responsible for overflow responsibilities from senior security leadership (VP and Director level)
  • Identify, define and implement security programs across security and the company

Principal Security Program Manager Requirements

All requirements of previous roles plus:

  • Influence and implement change across the company
  • Speak to and represent GitLab to customers, media and other external stakeholders

Segment

Security Leadership

For details on the Security organization leadership roles, including the Product Security Director and VP of Security, see the Security Leadership page.

Specialties

  • Currently no specialties defined

Performance Indicators

  • To Be Defined (TBD)

Career Ladder

  • To Be Defined (TBD)

Hiring Process

Candidates for this position can expect the hiring process to follow the order below. Please keep in mind that candidates can be declined from the position at any stage of the process. To learn more about someone who may be conducting the interview, find their job title on our team page.

  1. Qualified candidates will be invited to schedule a 30 minute screening call with one of our Global Recruiters.
  2. Candidates will be invited to schedule a 50-minute interview directly with the VP of Security.
  3. Candidates will be invited to schedule 2-3 separate 50-minute interviews with Directors of Security sub-departments.
  4. Candidates will be invited to schedule a 50-minute interview with the CTO.
  5. Candidates may be asked to schedule a final 30-minute discussion with the VP of Security.

Additional details about our process can be found on our hiring page.

 


About GitLab

GitLab Inc. is a company based on the GitLab open-source project. GitLab is a community project to which over 2,200 people worldwide have contributed. We are an active participant in this community, trying to serve its needs and lead by example. We have one vision: everyone can contribute to all digital content, and our mission is to change all creative work from read-only to read-write so that everyone can contribute.

We value results, transparency, sharing, freedom, efficiency, self-learning, frugality, collaboration, directness, kindness, diversity, inclusion and belonging, boring solutions, and quirkiness. If these values match your personality, work ethic, and personal goals, we encourage you to visit our primer to learn more. Open source is our culture, our way of life, our story, and what makes us truly unique.

Top 10 Reasons to Work for GitLab:

  1. Mission: Everyone can contribute
  2. Results: Fast growth, ambitious vision
  3. Flexible Work Hours: Plan your day so you are there for other people & have time for personal interests
  4. Transparency: Over 2,000 webpages in GitLab handbook, GitLab Unfiltered YouTube channel
  5. Iteration: Empower people to be effective & have an impact, Merge Request rate, We dogfood our own product, Directly responsible individuals
  6. Diversity, Inclusion & Belonging: A focus on gender parity, Team Member Resource Groups, other initiatives
  7. Collaboration: Kindness, saying thanks, intentionally organize informal communication, no ego
  8. Total Rewards: Competitive market rates for compensation, Equity compensation, global benefits (inclusive of office equipment)
  9. Work/Life Harmony: Flexible workday, Family and Friends days
  10. Remote Done Right: One of the world's largest all-remote companies, prolific inventor of remote best practices

See our culture page for more!

Work remotely from anywhere in the world. Curious to see what that looks like? Check out our remote manifesto and guides.