Remote Intermediate Security Engineer Job in UK GitLab

Who you are

• Ruby or Python development skills with a passion for security
• Strong interest in incident response processes, and aptitude for learning how to lead incidents independently
• Passion for technical documentation
• Proficiency with Google Cloud Platform (GCP) and/or AWS
• Interest in handling trust and safety incidents (platform abuse, cryptomining, platform spam)
• Interest in proactive hunting based and threat intelligence
• Interest in conducting forensic analysis of infected hosts (with a focus on cloud forensics)
• Interest in SIEM/security logging tools, such as Splunk or Devo

What the job involves

• Engineer security improvements to the GitLab product, build and maintain tools to detect and respond to threats efficiently and scalably
• Respond to security incidents and drive them to resolution, develop and deploy preventative security measures
• Learn to think like an attacker and defender, keeping GitLab and user data safe in a constantly changing threat landscape

Application process

• Participate in the Security Operations on-call rotation
• Contribute security improvements by submitting Ruby code to the GitLab product
• Detect and respond to GitLab-related security incidents
• Respond to and mitigate trust and safety matters such as platform abuse, cryptomining, platform spam and abuse of terms of service
• Create high-value, efficient detection and response capabilities, and fine-tune existing alerts
• Resolve automation gaps and create efficient, automated processes
• Create simple documentation such as runbooks and procedures
• Perform root cause analysis (RCA), lessons-learned and incident reviews