Security Shadow Program

From converging on real-time critical events with SIRT, exploiting vulnerabilities with the Red Team or participating in live Customer Assurance calls with the Risk and Field Security team, you will have the opportunity to work next to security staff to gain valuable insight and working knowledge of security fundamentals across multiple domains. Each program includes hands-on activities to provide an authentic security team experience.

The Security Shadow program is designed to provide numerous benefits including

  • Provide insight and transparency into the operations of various security teams
  • Educate and expand skillsets of interested team members
  • Strengthen collaboration and working relationships with participants

How the Security Shadow Program works

Each security team may host 1 individual at a time. Availability of each team is determined by the team manager. After completing the enrollment form a schedule will be agreed upon between you and the applicable team manager. The course schedule for each team ranges from 2 to 4 days and between 2 to 4 hours per day (see course catalog below). You will then be paired with the team and provided a calendar invite with zoom link to join each day on the agreed upon time and schedule. Learn, participate, ask questions and enjoy the experience.

Course Catalog

Our course catalog is divided into three main areas in alignment with the three Sub-Organizations within the Security Department.

Who can join the Security Shadow Program

All GitLab team members are welcome!

Enrollment

Ready to embark on this adventure with us?

  1. Talk to your manager. Make sure they approve the time you will need to dedicate to this program.
  2. Join the #security-department Slack Channel
  3. Click on the blue lightning bult in the bottom left corner to initiate the Security Shadow Program Workflow
  4. Complete the Enrollment Form
  5. The manager of the applicable Security Team will reach out to schedule your start date

Questions

Feel free to contact the Security Team in our Slack Channel

Last modified January 24, 2024: Change Security Engineering name to Product Security (46edc90d)
View page source - Edit this page - please contribute. Creative Commons License