Gitlab logo

Senior Security Engineer, Security Incident Response Team (SIRT) - EMEA - Gitlab - Remote - Global

Security Engineer

Posted: July 11, 2026
Posted 3 days ago
Last seen in crawl: July 13, 2026 (1d ago)
Estimated Expiry: August 15, 2026
Remoteness
Role & Management
Role Level:Mid-Level
Job Type
Required Languages

Job Description

As a Senior Security Engineer on GitLab’s Security Incident Response Team (SIRT), you will play a critical role in defending GitLab.com and the broader GitLab environment against evolving security threats. You will lead high-impact incidents and investigations, drive continuous improvements in defense, detection and response capabilities, and help scale security operations through automation and intelligent workflows. Operating within a 24/7 global environment (follow the sun model), you will own incidents end-to-end - from detection and triage through containment, eradication, and recovery - while partnering cross-functionally to strengthen GitLab’s overall security posture. A key aspect of this role is leveraging automation and AI-driven approaches to improve detection fidelity, accelerate investigations, and reduce response times. You will help shape how modern tooling and data are applied to stay ahead of evolving adversary tactics. This role is ideal for someone who thrives in high-tempo environments, brings strong DFIR expertise, and is equally passionate about operational excellence and building scalable detection and response systems and workflows. What you’ll do Lead and coordinate end-to-end incident response for high-severity security events within a 24/7 global on-call model, with this role operating during EMEA business hours Prepare clear executive communications that keep stakeholders informed during incidents Investigate complex security incidents across cloud environments, applying strong Digital Forensics and Incident Response (DFIR) methodologies Partnering with Signals Engineering to design and implement detection capabilities, including SIEM use cases, alerting strategies, and telemetry pipelines Build and enhance automation and AI-assisted workflows to improve triage, investigation speed, and response consistency Partner with Threat Intelligence to contextualize threats and improve detection coverage Conduct root cause analysis (RCA) and lead post-incident reviews to drive continuous improvement and risk reduction Develop and maintain runbooks, playbooks, and operational documentation Collaborate cross-functionally (Engineering, Infrastructure, Legal, Product, Communications, etc) during incidents and lead proactive initiatives (e.g. tabletops) Mentor other engineers and help elevate the team’s overall incident response maturity.

Company Information

Current open roles at Gitlab on JobCrawls
LocationActive listings
Remote - Global161
Remote - North America14
Remote9
Remote - EMEA5
Remote - Canada3
Remote - United States3
Remote - Europe1
Current role mix at Gitlab on JobCrawls
Role typeActive listings
Backend Engineer23
Solutions Architect9
Product Manager8
Software Engineer7
Commercial Account Executive6
Customer Success Manager5
Sales Representative5
Human Resources Specialist5
Engineering Manager4
New Business Account Executive4
Program Manager4
Account Executive4
Customer Success Engineer4
Regional Marketing Manager3
Data Analyst3
Strategic Account Executive3
Regional Sales Director3
AI Engineer2
Business Development Representative2
Engagement Manager2
Field CTO2
Site Reliability Engineer2
Manager2
Candidate Experience Specialist2
Customer Experience Services Manager2
Data Scientist2
Senior Manager2
Customer Success Architect1
Pricing Director1
Program manager1
Technical Writing Director1
Infrastructure Security Engineer1
Product Design Manager1
Support Manager1
Legal1
Data System Architect1
Infrastructure Security Manager1
Enterprise Applications Engineer1
Application Security Manager1
Customer Relationship Manager1
Public Sector Strategic Account Executive1
HRIS Analyst1
Security Risk Management Engineer1
Vice President of Engineering1
Product Security Architecture Director1
Project Manager1
Business Development Executive1
Vice President, Data & Insights1
Executive Business Partner1
Software Security Engineer1
Professional Services Engineer1
Contract Manager1
Renewals Director1
Sales Development1
Sales Manager1
Architect1
CPQ Developer1
Enablement Lead1
Director1
Ecosystem Sales Manager1
Senior Recruiter1
Senior FP&A Analyst1
Sales Development Representative1
Accounts Receivable Analyst1
Technical Program Manager1
Backend Developer1
Corporate Development Analyst1
Field Strategist1
Product Management Specialist1
Stock Administrator1
Procurement Analyst1
Commercial Legal Counsel1
Principal Engineer1
Executive Assistant1
People Operations Partner1
Customer Service Representative1
Solutions Architect Manager1
Vice President, Legal Commercial1
G&A Engineer1
Security Architect1
Senior Engineering Manager1
Security Engineer1
Database Engineer1
Engineer1
Product Marketing Manager1
Senior UX Researcher1
Legal Engineer1
Software Engineering Manager1
Data Architect1
Infrastructure Platforms Engineer1
Major Account Executive1
Financial Analyst1
Public Sector Solutions Architect1
Corporate Security Engineer1
Researcher1
Vulnerability Researcher1
Vice President1
Current role-level mix at Gitlab on JobCrawls
Role levelActive listings
Mid-Level141
Manager8
Senior8

Gitlab appears in 196 indexed job postings in JobCrawls' Finland dataset since October 2023. In that historical index, the strongest location signals for this employer are Remote - Global, Remote - North America, and Remote.

Data shown is based on historical job postings from our database.

Job Details

Responsibilities

  • Lead and coordinate end-to-end incident response for high-severity security events within a 24/7 global on-call model, with this role operating during EMEA business hours
  • Prepare clear executive communications that keep stakeholders informed during incidents
  • Investigate complex security incidents across cloud environments, applying strong Digital Forensics and Incident Response (DFIR) methodologies
  • Partnering with Signals Engineering to design and implement detection capabilities, including SIEM use cases, alerting strategies, and telemetry pipelines
  • Build and enhance automation and AI-assisted workflows to improve triage, investigation speed, and response consistency
  • Partner with Threat Intelligence to contextualize threats and improve detection coverage
  • Conduct root cause analysis (RCA) and lead post-incident reviews to drive continuous improvement and risk reduction
  • Develop and maintain runbooks, playbooks, and operational documentation
  • Collaborate cross-functionally (Engineering, Infrastructure, Legal, Product, Communications, etc) during incidents and lead proactive initiatives (e.g. tabletops)
  • Mentor other engineers and help elevate the team’s overall incident response maturity

Requirements

  • Strong experience in security incident response and investigations in cloud-first environments
  • Experience using or administering Git/GitLab in a security or engineering context
  • Hands-on experience with SIEM, EDR, and/or detection engineering
  • Experience with cloud platforms (AWS & GCP)
  • Familiarity with threat intelligence and adversary tactics (e.g., MITRE ATT&CK)
  • Experience building or working with automation (e.g., Python, scripting, SOAR platforms)
  • Interest or experience in applying AI/ML or data-driven techniques to detection, triage, or response workflows
  • Strong analytical and problem-solving skills; ability to operate effectively during high-severity incidents
  • Excellent written communication skills with a passion for clear, actionable documentation
  • Growth mindset with a proactive approach to identifying and mitigating security risks
1 day agoContent Complete

Help us improve JobCrawls — sign in to sync saved jobs across devices, or send feedback anytime.