Field CISO
Responsibilities
- Client Engagement: Act as the primary security advisor for clients, assessing their security needs, and providing strategic recommendations.
- Risk Assessment: Conduct comprehensive risk assessments and develop tailored security programs to meet client requirements.
- Security Strategy Development: Collaborate with clients to develop and implement security strategies aligned with their business objectives.
- Compliance Management: Ensure clients meet relevant regulatory and compliance requirements, such as GDPR, HIPAA, PCI-DSS, etc.
- Incident Response: Lead incident response efforts and develop incident response plans tailored to client environments.
- Training & Awareness: Develop and deliver security training and awareness programs for client staff to foster a culture of security.
- Collaboration: Work closely with internal teams, including IT, legal, and operations, to ensure a cohesive security strategy.
- Industry Trends: Stay current with emerging threats, trends, and technologies in the cybersecurity landscape to provide clients with up-to-date advice.
Requirements
The Field Chief Information Security Officer (CISO) leads our cybersecurity initiatives across multiple client engagements. This role requires an understanding of security frameworks, risk management, and regulatory compliance, combined with exceptional communication and leadership skills. Additionally, the position requires a proactive approach to identifying and mitigating risks, while providing strategic guidance to clients on their security posture.
Levels
Field CISO
This position reports to CISO (Chief Information Security Officer)
Field CISO (Senior Director)
The role is a grade 11.
Field CISO (Senior Director) Responsibilities
All responsibilities listed above (applicable to all roles) plus:
- Provides strategic advisory services to customers, prospects, and partners for DevSecOps covering the key areas of information security and data privacy.
- Provide guidance for customers on how they can utilize GitLab to establish best-in-class Security and Compliance outcomes.
- Engages the community of customers, partners, industry analysts, influencers, and standards bodies with rich content that covers the why and how of effective DevSecOps.
- Develops content and presents at industry events (both in-person and virtual), webinars, and podcasts in partnership with cross-functional partners.
- Works with the team to create best practices and playbooks for Security best practices with GitLab including SLSA
- Actively participate in industry groups and standards bodies in the areas of Secure SDLC, DevSecOps, and information security.
- Provides feedback that influences the product roadmap and features based on the real-life experiences of our customers and partners.
- Provides strategic sales support to the GitLab sales team helping prospective customers understand the path to highly effective DevSecOps
Field CISO (Senior Director) Requirements
- Provide executive-level, security-related thought leadership on strategic opportunities (i.e., new logo and growth)
- Own CISO, CSO, and/or chief security architect relationships in key accounts while providing credible, leading-edge security guidance to help orchestrate their desired outcomes
- Assist account teams with GitLab product security and compliance expertise in order to drive ARR for GitLab while also providing direction on opportunity and account strategies related to selling and expanding with security (e.g., up-tier)
- Act as a prospect / customer advocate on security related matters
- Develops field enablement content including demos of GitLab security features
- Curate and manage security related field feedback, while collaborating with the product team on issue prioritization
- Contribute to security sales strategy and playbooks while collaborating with marketing and product teams
- Scale and grow regional-level expertise within the field (SAE/AE, SA, CSM) through contributions to enablement and content
- Significant experience with information technology security is preferred
- Experience as CISO/CSO is a plus
- Experience delivering information/Cyber Security and compliance related solutions and assessments
- Experience with software development tools, practices, and methodologies
- Experience with application vulnerability management and associated regulations (i.e. PCI DSS, HIPAA, NIST 800-731 and more) and tools (i.e. SAST, DAST, SCA)
- Strong verbal and written skills with a strong ability to articulate and communicate strategies to all levels in an organization (i.e., executive to staff engineer)
- Ability to use GitLab, including learning GitLab as part of the role
Career Ladder
For more details on the security engineering career ladders, please review the security engineering career development handbook page.
Hiring Process
Candidates for this position can expect the hiring process to follow the order below. Please keep in mind that candidates can be declined from the position at any stage of the process.
- Qualified candidates will be invited to schedule a 30 minute screening call with one of our Global Recruiters.
- Next, candidates will be invited to schedule an interview with CISO
- Candidates will then be invited to schedule separate 60 minute interviews with three leaders of the organization
- Candidates will then be invited to schedule two separate 45 minute interviews with cross-functional team members
- Successful candidates will subsequently be made an offer via email
Additional details about our process can be found on our hiring page.
About GitLab
GitLab is an open core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Our mission is to enable everyone to contribute to and co-create the software that powers our world. When everyone can contribute, consumers become contributors, significantly accelerating the rate of human progress. This mission is integral to our culture, influencing how we hire, build products, and lead our industry. We make this possible at GitLab by running our operations on our product and staying aligned with our values. Learn more about Life at GitLab. Thanks to products like Duo Enterprise and Duo Workflow, customers get the benefit of AI at every stage of the SDLC. The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier. All team members are encouraged and expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact across our global organisation. See our culture page for more!
Work remotely from anywhere in the world. Curious to see what that looks like? Check out our remote manifesto and guides.