Senior Manager, Customer Trust & Security Governance

6 hours ago
Full-time
Senior
Cybersecurity
GitLab

GitLab: The comprehensive DevOps platform revolutionizing software development with automation, AI workflows, and essential tools for efficient collaboration.

Internet Software & Services
1K-5K
Founded 2014

Description

  • Lead the customer trust function for contract reviews, security questionnaires, requests for proposals, and related customer and vendor security inquiries.
  • Set direction, priorities, and operating practices that help the team respond effectively while reducing friction in the sales cycle.
  • Partner with Legal, Sales, Product, and Procurement to review and negotiate security-related terms in revenue and vendor agreements.
  • Manage escalations for complex security questionnaires, risk assessments, and contract issues, and guide teams toward practical solutions.
  • Develop and improve security templates, playbooks, fallback positions, and training materials that support faster, more consistent negotiations.
  • Build and maintain GitLab's library of security policies and collaborate with security subject matter experts to mature security standards.
  • Drive the security metrics and reporting program, including preparation and facilitation for quarterly business reviews.
  • Oversee a security awareness program and use automation and AI tooling to improve workflows, documentation, and team effectiveness.
  • Shape how GitLab addresses customer security needs at scale and improve how security is measured and communicated internally.

Requirements

  • Extensive experience leading security governance or customer-facing security programs in a complex, cross-functional environment.
  • Knowledge of security and compliance frameworks such as SOC 2, ISO 27001, FedRAMP, GDPR, and NIST.
  • Ability to review and negotiate security and privacy terms in contracts with a practical approach to balancing risk and business needs.
  • Understanding of cloud security, software as a service security models, and DevSecOps practices.
  • Skill in translating technical security concepts into clear guidance for customers, executives, and internal partners.
  • Experience building or improving security policies, standards, metrics, reporting, or awareness programs.
  • Comfort working asynchronously with teams across Security, Sales, Legal, Product, and Engineering, and collaborating through written communication.
  • Openness to using automation and AI to improve scale and consistency, and to applying transferable experience from adjacent security, governance, or trust roles.
  • Must be a United States Citizen due to government requirements.

Benefits

  • Base salary range of $168,000 to $245,000 USD.
  • Benefits to support health, finances, and well-being.
  • Flexible Paid Time Off.
  • Equity Compensation and Employee Stock Purchase Plan.
  • Growth and Development Fund.
  • Parental Leave.
  • Remote work with roles hiring in countries around the world, subject to location eligibility requirements.
