Senior Log Management Engineer at GitLab Inc.

About the job
GitLab's DevOps platform empowers 100,000+ organizations to deliver software faster and more efficiently. We are one of the world’s largest all-remote companies with 1,600+ team members and values that guide a culture where people embrace the belief that everyone can contribute .
The Security Logging engineers own security initiatives related to security of GitLab.com. They work to improve the coverage and usability of security-data on GitLab. They work very closely with the Security Incident Response Team [SIRT] and share findings proactively.

Responsibilities

1. Be part of the architectural direction, administration, maintenance, documentation, and oversight of the Security information and event management [ SIEM ] solution
2. Create and maintain integrations and solutions for the log collection, aggregation, indexing, search, alerting
3. Manage implementation, enhancement and adoption of the solutions built by the team into operations
4. Utilize log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers
5. Conduct incident response investigations
6. Collect and review security logs from all systems (Cloud Providers, GitLab, OS, G-Suite, OKTA, IDS, etc.)
7. Ensure compliance with internal policies, standards, and regulatory requirements
8. Contribute to creation of runbooks

Requirements

1. Ability to use GitLab
2. Good written and verbal communication skills
3. Experience working in site-reliability engineering, cloud security, system engineering, or similar positions
4. Experience with Google Cloud Platform (preferred) or Amazon Web Services
5. Substantial knowledge of the Linux operating system
6. Experience with one or more programming languages (Python and either Ruby, Go, or PHP)
7. Demonstrated experience with running systems at scale
8. Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and can succinctly document technical details
9. Share our values , and work in accordance with those values
10. Levels Infrastructure Security Engineer (Intermediate)

This position reports to the Manager, Infrastructure Security .

Senior Infrastructure Security Engineer Responsibilities

1. Create and provide oversight for rule creation to generate actionable security alerts
2. Be a subject-matter expert (SME) of at least 1 technical area impacting the security of the product
3. Identify inconsistencies in logs and work with development, infrastructure and security teams and work to standardize them
4. Assist on root cause analysis (RCA) and security incident reviews
5. Guarantee the availability, and recoverability of the SIEM ecosystem
6. Assist on actions to mitigate any threats based on findings
7. Mentor other members of the Security Team
8. Ownership and delivery on complex projects
9. Senior Infrastructure Security Engineer Requirements
10. Includes responsibilities listed here
11. Experience working with incident response
12. Experience with logging systems and log analysis
13. Experience using and administrating analysis platforms such as Splunk, ELK, BigQuery, etc…
14. Experience with orchestration technologies such as Chef, Puppet or Ansible
15. Experience with infrastructure-as-code
16. Working experience with Kubernetes and Docker
17. Capability to build working relationships with key stakeholdersResponsibilities