VP, Corporate Security

GitLab is the intelligent orchestration platform for DevSecOps. GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 50 million registered users and more than 50% of the Fortune 100* trust GitLab to ship better, more secure software faster. The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier, with all team members expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact. GitLab is where careers accelerate, innovation flourishes, and every voice is valued. Our high-performance culture is driven by our values and continuous knowledge exchange, enabling our team members to reach their full potential while collaborating with industry leaders to solve complex problems. Co-create the future with us as we build technology that transforms how the world develops software. *Fortune 500® is a registered trademark of Fortune Media IP Limited, used under license. Claim based on GitLab data. Fortune 100 refers to the top 20% ranked companies in the 2025 Fortune 500 list, published in June 2025. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of GitLab. An overview of this role Corporate Security at GitLab leads Identity Engineering, Corporate Security Engineering, and End User Services, bringing together the engineering and service functions that secure workforce identity, internal systems, endpoints, and core business applications. This organization enables GitLab team members to work productively and securely through a 24x5 support model and engineering ownership across identity, device trust, SaaS, platform, and internal security controls. As VP, Corporate Security, you will lead this organization through its next stage of maturity. You will own strategy, execution, and operational excellence across Corporate Security engineering and services, shaping how GitLab scales secure workforce access, endpoint security, SaaS governance, and internal IT experience in an all-remote environment. You will inherit and develop a multi-disciplinary organization that already includes leadership across identity engineering and corporate security engineering, and you will partner closely with the CISO and peers across Security, IT, Engineering, People, Legal, and Finance. This role is right for someone who can connect security posture, team member experience, and business enablement. You should be equally comfortable setting executive direction and drilling into operating questions such as how to modernize identity, reduce authentication friction, mature endpoint and SaaS controls, improve onboarding and offboarding, and build systems that are secure by default and auditable by design. Some examples of the team's focus areas: Corporate Security (CorpSec) CorpSec End User Services (EUS) CorpSec Identity Engineering What you’ll do Set the vision and operating model for Corporate Security across engineering, identity, endpoint and device security, and end-user services, aligning security outcomes with productivity and service quality. Lead a globally distributed, multi-disciplinary organization through clear roadmaps, strong managers, measurable priorities, and high operational standards. Own GitLab’s internal identity and access strategy across Okta, lifecycle automation, RBAC and ABAC, administrative access controls, cloud access governance, and the ongoing evolution of Identity v3. Drive secure-by-default endpoint and device strategy across GitLab’s fleet, with particular strength in macOS, endpoint hardening, configuration management, telemetry, detection partnerships, and engineering-led change control. Oversee end-user services and internal IT support for the company, including access management, hardware support, and support for core applications such as Google Workspace, Slack, and Zoom, while improving helpdesk effectiveness and service experience. Build scalable onboarding, offboarding, and role-change processes that reduce risk, improve auditability, and remove friction for team members and business stakeholders. Partner cross-functionally with Security, IT, Engineering, People, Compliance, Finance, and Legal to translate business and regulatory requirements into pragmatic controls, policies, and workflows. Own vendor, tooling, and budget strategy for the Corporate Security estate, using metrics to improve resilience, team member experience, and risk reduction over time. What you’ll bring Significant senior leadership experience leading corporate security, enterprise IT, IAM, endpoint security, or adjacent internal platform organizations at scale. Strong command of workforce identity and access concepts, including SSO, SAML, OAuth, lifecycle automation, RBAC and ABAC, administrative access controls, and governance for privileged and non-human identities. Deep understanding of modern endpoint and device security, ideally in a macOS-heavy environment, including MDM or endpoint management, hardening, software distribution, and fleet-level operational rollout strategy. A track record of replacing manual or click-ops processes with automation, GitOps, infrastructure-as-code, and auditable engineering workflows. Experience balancing service operations and engineering investment, with credibility in both helpdesk and internal platform environments. Experience operating in regulated or audit-heavy environments and partnering with compliance stakeholders on durable, evidence-ready controls. Excellent written and verbal communication skills, strong executive judgment, and the ability to lead effectively in an all-remote, asynchronous company. A pragmatic, business-enabling leadership style that raises the security bar while reducing friction for team members and internal customers. About the team The Corporate Security organization provides the technology, support, and internal security capabilities GitLab team members rely on to do their work. The team owns internal security-focused engineering and services across access, endpoints, SaaS platforms, and core workforce systems, while also supporting day-to-day team member productivity through end-user services and helpdesk operations. Within that broader scope, Identity Engineering leads the technical strategy and automation behind IAM, RBAC, and administrative access controls for internal systems, cloud infrastructure, and tech stack applications, including the next-generation Identity v3 program. End-user and endpoint functions support access, hardware, core applications, and fleet security for GitLab’s distributed workforce. Together, these groups are building a more scalable, auditable, and secure foundation for how GitLab operates internally. The base salary range for this role’s listed level is currently for residents of the United States only. This range is intended to reflect the role's base salary rate in locations throughout the US. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, alignment with market data, and geographic location. The base salary range does not include any bonuses, equity, or benefits. See more information on our benefits and equity. Sales roles are also eligible for incentive pay targeted at up to 100% of the offered base salary. United States Salary Range $297,600—$360,000 USD How GitLab Supports Full-Time Employees Benefits to support your health, finances, and well-being Flexible Paid Time Off Team Member Resource Groups Equity Compensation & Employee Stock Purchase Plan Growth and Development Fund Parental Leave Please note that we welcome interest from candidates with varying levels of experience; many successful candidates d…