Security Compliance Engineer Worldwide
GitLab's DevOps platform empowers 100,000+ organizations to deliver software faster and more efficiently. We are one of the world’s largest all-remote companies with 1,400+ team members and values that guide a culture where people embrace the belief that everyone can contribute.
This Security Compliance Engineer position is 100% remote.
It’s an exciting time to join our team. Description:GitLab's DevOps platform empowers 100,000+ organizations to deliver software faster and more efficiently. We are one of the world’s largest all-remote companies with 1,400+ team members and values that guide a culture where people embrace the belief that everyone can contribute.
As a Security Compliance Engineer in our Assurance sub department, you'll play a key role in the team that enable GitLab sales by providing customers information and assurance about our information security program while supporting GitLab customers in their own compliance journey and mitigating GitLab information security risk through continuous control monitoring and automation.
The culture here at GitLab is something we’re incredibly proud of. Some of the benefits you’ll be entitled to vary by the region or country you’re in. However, all GitLab team members are fully remote and receive a "no ask, must tell" paid-time-off policy, where we don’t count the number of days you take off annually -- instead, we focus on your results. You can work the hours you choose, enabled by our asynchronous approach to communication. You can also expect stock options and a competitive salary. Our compensation calculator will be shared with selected candidates before any interview.
Diversity, Inclusion, and Belonging (DIB) are fundamental to the success of GitLab. We want to infuse DIB in every way possible and in all that we do. We strive to create a transparent environment where all team members around the world feel that their voices are heard and welcomed. We also aim to be a place where people can show up as their full selves each day and contribute their best. With more than 100,000 organizations using GitLab, our goal is to have a team that is representative of our users.
- Professionally handle communications with internal and external stakeholders on compliance issues
- Maintain up-to-date knowledge of GitLab's product, environment, systems and architecture
- Educate control owners on compliance workflows and processes
- Maintain GitLab's security control framework and continuous control monitoring activities
- Gather and report on established metrics within the security compliance programs
- Conduct security control test of design and test of operating effectiveness activities
- Identify observations and manage remediation tasks through to closure while adhering to strict deadlines
- Support internal and external auditors or advisors as needed
- Maintain handbook pages, procedures and runbooks related to security compliance
- Identify opportunities for security compliance control automation
- Maintain security compliance automation tasks
- A minimum of 2 years' experience working with security compliance programs
- Demonstrated experience with at least two security control frameworks (e.g. SOC 2, ISO, NIST, COSO, COBIT, etc.)
- Working understanding of how compliance works with cloud-native technology stacks
- Experience in a Saas company
- Experience with GitLab
Also, we know it’s tough, but please try to avoid the confidence gap. You don’t have to match all the listed requirements exactly to be considered for this role.
Country Hiring Guidelines
GitLab hires new team members in countries around the world. All of our roles are remote, however some roles may carry specific location-based eligibility requirements. Our Talent Acquisition team can help answer any questions about location after starting the recruiting process.
Vacancy page : https://boards.greenhouse.io/gitlab/jobs/5501484002