The GitLab DevSecOps platform empowers 100,000+ organizations to deliver software faster and more efficiently. We are one of the world’s largest all-remote companies with 2,000+ team members and values that foster a culture where people embrace the belief that everyone can contribute. Learn more about Life at GitLab.

An overview of this role

Whether you're an intermediate engineer with strong threat intelligence experience or a seasoned senior, we're looking for our first dedicated Threat Intelligence Engineer. You'll be joining a program in its early stages, built on a solid foundation by current members of our Security Operations team.

Your mission will be to provide actionable intelligence that empowers GitLab to make informed, proactive decisions about security. We want to get in front of threats before they materialize - using intelligence to see around corners and anticipate the next attack.

You'll be responsible for monitoring the threat landscape, focusing on identifying the most relevant risks to GitLab. As you analyze these risks and track associated threat actors, you'll build meaningful connections with industry peers, gaining access to timely, unique insights.

As the founding member of this new team, you'll help us refine our processes and iterate towards a more mature threat intelligence program. We've laid the groundwork with reporting templates, metrics for success, tooling, feeds, and industry connections. Now we need you to put this framework into action - uncovering real-world attacks, making attributions, and building a thriving intel-sharing community.

You'll be supported by Security Operations engineers who dedicate a portion of their time to threat intelligence. We'll encourage you to collaborate across security, infrastructure, and product teams to help keep our customers, platform, and organization secure.

If you're excited about shaping the future of threat intelligence at GitLab, we want to hear from you!

What You’ll Do

Monitor the threat landscape, identifying and analyzing the risks most relevant to GitLab.
Deliver actionable intelligence via recurring Threat Insights and ad-hoc Flash Reports.
Collaborate on Threat Actor Tracking, helping us stay one step ahead of our top threats.
Collaborate on Purple Team Flash Operations, where emerging threats are turned into collaborative exercises to rapidly improve our defensive capabilities.
Build meaningful relationships with industry peers, sharing intelligence and collaborating on emerging threats.
Write code, leverage AI, and build automation to improve process efficiencies on the team.

What You’ll Bring

Proven track record of delivering actionable intelligence that has had a meaningful impact on the security of an organization.
Experience with MITRE ATT&CK framework and its application in threat analysis.
Experience working with a Threat Intelligence Platform (TIP) and threat feeds.
Experience researching adversaries using OSINT techniques.
Ability to automate tasks by writing basic scripts/programs, preferably with Python

Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner
Optional but valuable: experience reverse engineering malware
Optional but valuable: public examples of blogs or open-source work related to threat intelligence

About the team

This role will be the first member on a new team with the Security Operations department. You will report to a Security Manager based out of Australia, who also runs our Red Team.

Security Operations includes SIRT, Trust & Safety, Red Team, and Security Logging.

How GitLab will support you

Benefits to support your health, finances, and well-being
All remote, asynchronous work environment
Flexible Paid Time Off
Team Member Resource Groups
Equity Compensation & Employee Stock Purchase Plan
Growth and development budget
Parental leave
Home office support

Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to assess your application.

Country Hiring Guidelines: GitLab hires new team members in countries around the world. All of our roles are remote, however some roles may carry specific location-based eligibility requirements. Our Talent Acquisition team can help answer any questions about location after starting the recruiting process.

Privacy Policy: Please review our Recruitment Privacy Policy. Your privacy is important to us.

GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during the recruiting process.

This job is no longer accepting applications

See open jobs at GitLab.See open jobs similar to "Threat Intelligence Engineer" Khosla Ventures.

See more open positions at GitLab

Privacy policy Cookie policy