Principal Field Security Engineer
GitLab
Principal Field Security Engineer
Job Description
About this Role
Join GitLab as a Principal Field Security Engineer, tackling complex customer security challenges at the nexus of technical architecture and business needs.
Empower enterprise customers by applying deep security expertise to address their toughest compliance and risk management concerns.
GitLab's mission is to enable everyone to contribute to and co-create the software powering our world, accelerating human progress.
Dive into an AI-powered DevSecOps platform that unites teams, breaks barriers, and redefines software development possibilities.
Embrace a high-performance culture where innovation flourishes, careers accelerate, and every voice drives meaningful impact.
Become the trusted security advisor in customer meetings, simplifying negotiations and enabling deal closures with expert guidance.
Craft compelling security content like blogs and whitepapers, establishing yourself as a thought leader in the industry.
Collaborate cross-functionally with Sales, Legal, Product, and Engineering to balance risks and fuel revenue growth.
Drive strategic initiatives that enhance GitLab's Trust Center and shape product roadmaps through customer insights.
Thrive in a dynamic role where your security prowess directly contributes to GitLab's leadership in DevSecOps excellence.
Locations
- US (Remote)
Salary
Salary details available upon request
220,000 - 350,000 USD / yearly
Source: ai estimated
* This is an estimated range based on market data and may vary based on experience and qualifications.
Skills Required
- Security frameworks (SOC 2, ISO 27001, FedRAMP, GDPR, NIST)intermediate
- Contract negotiation and reviewintermediate
- Cloud securityintermediate
- SaaS security modelsintermediate
- DevSecOps practicesintermediate
- Technical communication and presentationintermediate
- Content creation (blogs, whitepapers)intermediate
- Cross-functional collaborationintermediate
- Risk assessment and managementintermediate
- Regulatory compliance analysisintermediate
Required Qualifications
- 10+ years of experience in information security (experience)
- At least 5 years in customer-facing security roles (experience)
- Deep expertise in security frameworks and standards such as SOC 2, ISO 27001, FedRAMP, GDPR, NIST (experience)
- Proven track record of contract negotiation and security/privacy agreement reviews (experience)
- Exceptional written and verbal communication skills (experience)
- Ability to translate complex technical concepts for diverse audiences (experience)
- Experience creating security content like blogs, whitepapers, presentations (experience)
- Strong understanding of cloud security and SaaS security models (experience)
- Strong understanding of DevSecOps practices (experience)
- Experience working cross-functionally with Sales, Legal, Product, and Engineering teams (experience)
Preferred Qualifications
- Experience speaking at conferences (experience)
- Ability to balance security risk with business objectives (experience)
- Familiarity with AI integration in security workflows (experience)
- Background in regulatory compliance evolution tracking (experience)
- Skills in developing sales enablement training materials (experience)
- Expertise in customer assurance activities and escalations (experience)
- Knowledge of RFPs and risk assessments (experience)
- Proficiency in legal document analysis for security clauses (experience)
- Mentoring experience in security teams (experience)
- History of driving process improvements in field security (experience)
Responsibilities
- Serve as primary security point of contact for enterprise customer questions and concerns
- Join customer meetings to provide expert guidance on security practices and controls
- Build templates, playbooks, and training to accelerate negotiations
- Facilitate customer assurance activities through the service desk
- Provide escalation support for security questionnaires, RFPs, and risk assessments
- Perform comprehensive contract reviews for customer agreements and vendor relationships
- Analyze security and compliance clauses in legal documents
- Partner with Legal, Sales, Product, and Procurement to negotiate contract terms
- Develop internal and external security content like blog posts and whitepapers
- Maintain Trust Center and provide strategic recommendations for revenue growth
Benefits
- general: Competitive base salary with incentive pay eligibility
- general: Equity compensation and Employee Stock Purchase Plan
- general: Comprehensive health, dental, and vision insurance
- general: Flexible Paid Time Off policy
- general: Parental leave benefits
- general: Home office support and equipment
- general: Growth and Development Fund for professional advancement
- general: Team Member Resource Groups for inclusion and belonging
- general: Learning and development opportunities
- general: Total rewards focused on health, finances, and well-being
Tags & Categories
Principal Field Security Engineer
GitLab
Principal Field Security Engineer
Job Description
About this Role
Join GitLab as a Principal Field Security Engineer, tackling complex customer security challenges at the nexus of technical architecture and business needs.
Empower enterprise customers by applying deep security expertise to address their toughest compliance and risk management concerns.
GitLab's mission is to enable everyone to contribute to and co-create the software powering our world, accelerating human progress.
Dive into an AI-powered DevSecOps platform that unites teams, breaks barriers, and redefines software development possibilities.
Embrace a high-performance culture where innovation flourishes, careers accelerate, and every voice drives meaningful impact.
Become the trusted security advisor in customer meetings, simplifying negotiations and enabling deal closures with expert guidance.
Craft compelling security content like blogs and whitepapers, establishing yourself as a thought leader in the industry.
Collaborate cross-functionally with Sales, Legal, Product, and Engineering to balance risks and fuel revenue growth.
Drive strategic initiatives that enhance GitLab's Trust Center and shape product roadmaps through customer insights.
Thrive in a dynamic role where your security prowess directly contributes to GitLab's leadership in DevSecOps excellence.
Locations
- US (Remote)
Salary
Salary details available upon request
220,000 - 350,000 USD / yearly
Source: ai estimated
* This is an estimated range based on market data and may vary based on experience and qualifications.
Skills Required
- Security frameworks (SOC 2, ISO 27001, FedRAMP, GDPR, NIST)intermediate
- Contract negotiation and reviewintermediate
- Cloud securityintermediate
- SaaS security modelsintermediate
- DevSecOps practicesintermediate
- Technical communication and presentationintermediate
- Content creation (blogs, whitepapers)intermediate
- Cross-functional collaborationintermediate
- Risk assessment and managementintermediate
- Regulatory compliance analysisintermediate
Required Qualifications
- 10+ years of experience in information security (experience)
- At least 5 years in customer-facing security roles (experience)
- Deep expertise in security frameworks and standards such as SOC 2, ISO 27001, FedRAMP, GDPR, NIST (experience)
- Proven track record of contract negotiation and security/privacy agreement reviews (experience)
- Exceptional written and verbal communication skills (experience)
- Ability to translate complex technical concepts for diverse audiences (experience)
- Experience creating security content like blogs, whitepapers, presentations (experience)
- Strong understanding of cloud security and SaaS security models (experience)
- Strong understanding of DevSecOps practices (experience)
- Experience working cross-functionally with Sales, Legal, Product, and Engineering teams (experience)
Preferred Qualifications
- Experience speaking at conferences (experience)
- Ability to balance security risk with business objectives (experience)
- Familiarity with AI integration in security workflows (experience)
- Background in regulatory compliance evolution tracking (experience)
- Skills in developing sales enablement training materials (experience)
- Expertise in customer assurance activities and escalations (experience)
- Knowledge of RFPs and risk assessments (experience)
- Proficiency in legal document analysis for security clauses (experience)
- Mentoring experience in security teams (experience)
- History of driving process improvements in field security (experience)
Responsibilities
- Serve as primary security point of contact for enterprise customer questions and concerns
- Join customer meetings to provide expert guidance on security practices and controls
- Build templates, playbooks, and training to accelerate negotiations
- Facilitate customer assurance activities through the service desk
- Provide escalation support for security questionnaires, RFPs, and risk assessments
- Perform comprehensive contract reviews for customer agreements and vendor relationships
- Analyze security and compliance clauses in legal documents
- Partner with Legal, Sales, Product, and Procurement to negotiate contract terms
- Develop internal and external security content like blog posts and whitepapers
- Maintain Trust Center and provide strategic recommendations for revenue growth
Benefits
- general: Competitive base salary with incentive pay eligibility
- general: Equity compensation and Employee Stock Purchase Plan
- general: Comprehensive health, dental, and vision insurance
- general: Flexible Paid Time Off policy
- general: Parental leave benefits
- general: Home office support and equipment
- general: Growth and Development Fund for professional advancement
- general: Team Member Resource Groups for inclusion and belonging
- general: Learning and development opportunities
- general: Total rewards focused on health, finances, and well-being
Tags & Categories