About the job
GitLab’s DevOps platform empowers 100,000+ organizations to deliver software faster and more efficiently. We are one of the world’s largest all-remote companies with 1,600+ team members and values that guide a culture where people embrace the belief that everyone can contribute .
The Security Logging engineers own security initiatives related to security of GitLab.com. They work to improve the coverage and usability of security-data on GitLab. They work very closely with the Security Incident Response Team [SIRT] and share findings proactively.
Responsibilities
Be part of the architectural direction, administration, maintenance, documentation, and oversight of the Security information and event management [ SIEM ] solution
Create and maintain integrations and solutions for the log collection, aggregation, indexing, search, alerting
Manage implementation, enhancement and adoption of the solutions built by the team into operations
Utilize log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers
Conduct incident response investigations
Collect and review security logs from all systems (Cloud Providers, GitLab, OS, G-Suite, OKTA, IDS, etc.)
Ensure compliance with internal policies, standards, and regulatory requirements
Contribute to creation of runbooks
Requirements
Ability to use GitLab
Good written and verbal communication skills
Experience working in site-reliability engineering, cloud security, system engineering, or similar positions
Experience with Google Cloud Platform (preferred) or Amazon Web Services
Substantial knowledge of the Linux operating system
Experience with one or more programming languages (Python and either Ruby, Go, or PHP)
Demonstrated experience with running systems at scale
Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and can succinctly document technical details
Share our values , and work in accordance with those values
Levels Infrastructure Security Engineer (Intermediate)
This position reports to the Manager, Infrastructure Security .
Senior Infrastructure Security Engineer Responsibilities
Create and provide oversight for rule creation to generate actionable security alerts
Be a subject-matter expert (SME) of at least 1 technical area impacting the security of the product
Identify inconsistencies in logs and work with development, infrastructure and security teams and work to standardize them
Assist on root cause analysis (RCA) and security incident reviews
Guarantee the availability, and recoverability of the SIEM ecosystem
Assist on actions to mitigate any threats based on findings
Mentor other members of the Security Team
Ownership and delivery on complex projects
Senior Infrastructure Security Engineer Requirements
Includes responsibilities listed here
Experience working with incident response
Experience with logging systems and log analysis
Experience using and administrating analysis platforms such as Splunk, ELK, BigQuery, etc…
Experience with orchestration technologies such as Chef, Puppet or Ansible
Experience with infrastructure-as-code
Working experience with Kubernetes and Docker
Capability to build working relationships with key stakeholdersResponsibilities
Apply via :
boards.greenhouse.io