This Security Compliance Engineer position is 100% remote.
It’s an exciting time to join our team. We're one of the world’s largest all-remote companies, and we've been intentionally building our culture this way from the start. With more than 1,200 team members in 65+ countries, GitLab is a place where you can contribute from almost anywhere. We are an ambitious, productive team that embraces a set of shared values in everything we do.
As a Security Compliance Engineer in our Assurance sub-department, you'll play a key role in the team that enables GitLab sales by providing customers with information and assurance about our information security program, while supporting GitLab customers in their own compliance journey and mitigating GitLab information security risk through continuous control monitoring and automation.
The culture here at GitLab is something we’re incredibly proud of. Some of the benefits you’ll be entitled to vary by the region or country you’re in. However, all GitLab team members are fully remote and receive a "no ask, must tell" paid-time-off policy, where we don’t count the number of days you take off annually -- instead, we focus on your results. You can work the hours you choose, enabled by our asynchronous approach to communication. You can also expect stock options and a competitive salary. Our compensation calculator will be shared with selected candidates before any interview.
Diversity, Inclusion, and Belonging (DIB) are fundamental to the success of GitLab. We want to infuse DIB in every way possible and in all that we do. We strive to create a transparent environment where all team members around the world feel that their voices are heard and welcomed. We also aim to be a place where people can show up as their full selves each day and contribute their best. With more than 100,000 organizations using GitLab, our goal is to have a team that is representative of our users.
What You'll Do In This Role
You should apply if you bring:
- Professionally handle communications with internal and external stakeholders on compliance issues
- Maintain up-to-date knowledge of GitLab's product, environment, systems and architecture
- Educate control owners on compliance workflows and processes
- Maintain GitLab's security control framework and continuous control monitoring activities
- Gather and report on established metrics within the security compliance programs
- Conduct security control test of design and test of operating effectiveness activities
- Identify observations and manage remediation tasks through to closure while adhering to strict deadlines
- Support internal and external auditors or advisors as needed
- Maintain handbook pages, procedures and runbooks related to security compliance
- Identify opportunities for security compliance control automation
- Maintain security compliance automation tasks
You'll stand out if you bring:
- A minimum of 2 years of experience working with security compliance programs
- Demonstrated experience with at least two security control frameworks (e.g. SOC 2, ISO, NIST, COSO, COBIT, etc.)
- Working understanding of how compliance works with cloud-native technology stacks
- Experience in a SaaS company
- Experience with GitLab
Also, we know it’s tough, but please try to avoid the confidence gap. You don’t have to match all the listed requirements exactly to be considered for this role.
Our hiring process for this Security Compliance Engineer position typically follows six stages. The details of this process and our leveling structure can be found on our job family page.
Remote-US
Country Hiring Guidelines
Please visit our Country Hiring Guidelines page to see where we can hire.