GitLab is an open core software company that develops the most comprehensive DevSecOps Platform used by more than 100,000 organizations. Our mission makes it clear that we believe in a world where everyone can contribute. We make that possible at GitLab by running our operations on our product and staying aligned with our values. Learn more about Life at GitLab.
An overview of this role
Whether you're an intermediate engineer with strong threat intelligence experience or a seasoned senior, we're looking for our first dedicated Threat Intelligence Engineer. You'll be joining a program in its early stages, built on a solid foundation by current members of our Security Operations team.
Want more jobs like this?
Get Software Engineering jobs that are Remote delivered to your inbox every week.
Your mission will be to provide actionable intelligence that empowers GitLab to make informed, proactive decisions about security. We want to get in front of threats before they materialize - using intelligence to see around corners and anticipate the next attack.
You'll be responsible for monitoring the threat landscape, focusing on identifying the most relevant risks to GitLab. As you analyze these risks and track associated threat actors, you'll build meaningful connections with industry peers, gaining access to timely, unique insights.
As the founding member of this new team, you'll help us refine our processes and iterate towards a more mature threat intelligence program. We've laid the groundwork with reporting templates, metrics for success, tooling, feeds, and industry connections. Now we need you to put this framework into action - uncovering real-world attacks, making attributions, and building a thriving intel-sharing community.
You'll be supported by Security Operations engineers who dedicate a portion of their time to threat intelligence. We'll encourage you to collaborate across security, infrastructure, and product teams to help keep our customers, platform, and organization secure.
If you're excited about shaping the future of threat intelligence at GitLab, we want to hear from you!
What You’ll Do
- Monitor the threat landscape, identifying and analyzing the risks most relevant to GitLab.
- Deliver actionable intelligence via recurring Threat Insights and ad-hoc Flash Reports.
- Collaborate on Threat Actor Tracking, helping us stay one step ahead of our top threats.
- Collaborate on Purple Team Flash Operations, where emerging threats are turned into collaborative exercises to rapidly improve our defensive capabilities.
- Build meaningful relationships with industry peers, sharing intelligence and collaborating on emerging threats.
- Write code, leverage AI, and build automation to improve process efficiencies on the team.
What You’ll Bring
- Proven track record of delivering actionable intelligence that has had a meaningful impact on the security of an organization.
- Experience with MITRE ATT&CK framework and its application in threat analysis.
- Experience working with a Threat Intelligence Platform (TIP) and threat feeds.
- Experience researching adversaries using OSINT techniques.
- Ability to automate tasks by writing basic scripts/programs, preferably with Python
- Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner
- Optional but valuable: experience reverse engineering malware
- Optional but valuable: public examples of blogs or open-source work related to threat intelligence
About the team
This role will be the first member on a new team with the Security Operations department. You will report to a Security Manager based out of Australia, who also runs our Red Team.
Security Operations includes SIRT, Trust & Safety, Red Team, and Security Logging.
How GitLab will support you
- Benefits to support your health, finances, and well-being
- All remote, asynchronous work environment
- Flexible Paid Time Off
- Team Member Resource Groups
- Equity Compensation & Employee Stock Purchase Plan
- Growth and development budget
- Parental leave
- Home office support
Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to assess your application.
Country Hiring Guidelines: GitLab hires new team members in countries around the world. All of our roles are remote, however some roles may carry specific location-based eligibility requirements. Our Talent Acquisition team can help answer any questions about location after starting the recruiting process.
Privacy Policy: Please review our Recruitment Privacy Policy. Your privacy is important to us.
GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during the recruiting process.