GitLab

1001-5000 employees

Software Development
DevOps
Cloud Computing
Information Technology
About GitLab

GitLab is a comprehensive DevOps platform delivered as a single application, enabling organizations to manage the entire software development lifecycle from planning and source code management to CI/CD, monitoring, and security. Founded in 2014, GitLab's mission is to make it possible for everyone to contribute to software development by providing a collaborative, open-source platform that supports remote work and transparency. The company offers a cloud-based and self-managed solution that integrates with various tools to streamline development workflows, improve productivity, and accelerate software delivery. GitLab is publicly traded on NASDAQ under the symbol GTLB and serves a global customer base ranging from startups to large enterprises.

5 months ago

Principal Field Security Engineer

Full-time
Lead
Consultant

Description
GitLab is an open-core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Our mission is to enable everyone to contribute to and co-create the software that powers our world. When everyone can contribute, consumers become contributors, significantly accelerating human progress. Our platform unites teams and organizations, breaking down barriers and redefining what's possible in software development. Thanks to products like Duo Enterprise and Duo Agent Platform, customers get AI benefits at every stage of the SDLC.

The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier, with all team members expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact. GitLab is where careers accelerate, innovation flourishes, and every voice is valued. Our high-performance culture is driven by our values and continuous knowledge exchange, enabling our team members to reach their full potential while collaborating with industry leaders to solve complex problems. Co-create the future with us as we build technology that transforms how the world develops software.

**About the Role:**

GitLab is seeking an experienced Principal Field Security Engineer to tackle complex customer security challenges at the intersection of technical architecture and business requirements. In this role, you'll apply deep security expertise to answer technical questions, assess contract requirements, and enable GitLab’s Sales and field organizations to address security problems for enterprise customers. You'll work directly with customers and internal teams to provide technical guidance, create security content, and help customers understand how GitLab's security controls meet their compliance and risk management needs.

**What You'll Do:**
  • Serve as the primary security point of contact for enterprise customer questions, requests, and concerns.
  • Join customer and prospect meetings to provide expert guidance on GitLab’s security practices and controls to address security, privacy, and compliance requirements.
  • Build and maintain templates, playbooks, fallback positions, and training to simplify negotiations.
  • Facilitate customer assurance activities through our Customer Assurance Activities Service Desk.
  • Provide escalation support for complex security questionnaires, RFPs, and risk assessments.
  • Perform comprehensive contract reviews for customer agreements and vendor relationships.
  • Analyze security and compliance clauses in legal documents.
  • Provide risk-based recommendations and remediation guidance for contractual security requirements.
  • Partner with Legal, Sales, Product, and Procurement teams to negotiate security-related contract terms.
  • Document and track contract-related security obligations.
  • Act as a trusted technical thought leader, developing security content such as blog posts, whitepapers, standards, and training materials.
  • Keep abreast of evolving regulatory landscapes affecting agreements.
  • Build and strengthen GitLab's security brand within the industry.
  • Maintain and enhance GitLab's Trust Center and security resources.
  • Provide strategic recommendations based on customer security concerns.
  • Participate in Quarterly Business Reviews to inform product and security roadmaps.
  • Mentor Security Assurance team members.
  • Drive continuous improvement of security processes and documentation.
  • Design and implement solutions for sales teams to discuss security topics effectively.

**What you'll bring:**
  • 10+ years in information security, with at least 5 years in customer-facing roles.
  • Deep expertise in security frameworks such as SOC 2, ISO 27001, FedRAMP, GDPR, NIST.
  • Proven experience in contract negotiation and security/privacy agreement reviews.
  • Excellent written and verbal communication skills.
  • Experience creating security content and speaking at conferences is a plus.
  • Strong understanding of cloud security, SaaS security models, and DevSecOps.
  • Experience working cross-functionally with Sales, Legal, Product, and Engineering teams.
  • Ability to balance security risks with business objectives.

**Salary Range:**
  • $200,000 - $280,000 USD

**Benefits:**
  • Flexible Paid Time Off
  • Team Member Resource Groups
  • Equity Compensation & Employee Stock Purchase Plan
  • Growth and Development Fund
  • Parental leave
  • Home office support

**Additional notes:**
  • This role is remote, US-based.
  • The salary range reflects the US location and does not include bonuses, equity, or benefits.
  • GitLab is an equal opportunity employer and values diversity.

Requirements
  • 10+ years of experience in information security
  • At least 5 years in customer-facing security roles
  • Deep expertise in security frameworks such as SOC 2, ISO 27001, FedRAMP, GDPR, NIST
  • Proven track record of contract negotiation and security/privacy agreement reviews
  • Exceptional written and verbal communication skills
  • Experience creating security content (blogs, whitepapers, presentations)
  • Experience speaking at conferences is a plus
  • Strong understanding of cloud security, SaaS security models, and DevSecOps practices
  • Experience working cross-functionally with Sales, Legal, Product, and Engineering teams
  • Ability to balance security risk with business objectives
