GitLab

US

Cybersecurity Risk and Operations Manager

Full-time | Remote | $109,300 - $147,500
Tags: remote, risk management, IT, cybersecurity, operations
This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Cybersecurity Risk and Operations Manager in the United States.
In this role, you will play a central part in strengthening and advancing the organization’s cybersecurity strategy by guiding operational execution, assessing risk exposure, and elevating security practices across the business. You will work closely with leadership teams to ensure robust security controls, support regulatory compliance, and foster a culture of Security by Design. Your work will include oversight of audits, incident response, vulnerability management, and third-party risk assessments. This position offers an opportunity to influence key security initiatives, shape policies and standards, and ensure the continuous improvement of an enterprise cybersecurity program. It is an ideal role for a seasoned professional who thrives at the intersection of risk, operations, and cross-functional collaboration.
Accountabilities
  • Establish operational security objectives, define work plans, and guide the achievement of strategic cybersecurity goals.
  • Work with business leaders to ensure appropriate controls are implemented and maintained through due diligence activities.
  • Lead the Cyber Remediation Workgroup by tracking KPIs, managing deadlines, and ensuring progress on remediation efforts.
  • Drive annual audit preparations including SSAE21, ISO 27001, and CMMC, while coordinating with third-party compliance teams.
  • Oversee vulnerability and risk reporting, maintaining visibility into operational cybersecurity metrics for executive stakeholders.
  • Respond to customer questionnaires, security addendums, and inquiries, supporting meetings and producing required documentation.
  • Perform security architecture reviews for cloud, SaaS, API-based, hybrid, and on-premise environments.
  • Lead the incident management and vulnerability management programs, and manage relationships with SIEM service providers.
  • Contribute to updates of security policies, awareness training recommendations, and improvements to internal standards.
Requirements
  • Bachelor’s or Master’s degree in Computer Science or a related field, or equivalent experience.
  • At least 8 years of experience in cybersecurity or security auditing, including 2+ years in a management role.
  • Strong background in internal and third-party control assessments and familiarity with frameworks such as NIST CSF, ISO 27001, and NIST 800-171.
  • Understanding of cyber threats, penetration testing, vulnerability assessments, and relevant regulatory standards including SSAE21, HIPAA, CMMC, and CJIS.
  • Experience working with managed service providers and cross-functional technical teams.
  • Excellent communication, negotiation, and presentation skills with the ability to simplify complex topics for diverse stakeholders.
  • Strong organizational skills, self-motivation, and the ability to manage competing priorities under pressure.
  • Ability to identify risk, challenge mitigation plans, escalate concerns appropriately, and contribute constructively to problem-solving discussions.
  • Comfortable addressing client security concerns and participating in customer-facing engagements.
Benefits
  • Competitive base salary ranging from approximately 109,300 to 147,500 USD, plus bonus eligibility.
  • Comprehensive health, dental, and vision coverage.
  • Remote-friendly work environment with flexibility.
  • Opportunities for professional development and leadership exposure.
  • Inclusive company culture backed by equal-opportunity employment practices.
  • Access to modern technology environments and multi-regional security initiatives.