✦ Luna Orbit — Cybersecurity

Principal Cybersecurity Incident Manager (USA)

at GitLab

📍 Remote, US Remote Posted April 06, 2026
Apply Now → ← Browse All Jobs

Position Details

Type Full-Time
Experience senior
Exp. Years 10+ years
Education Not specified
Category Cybersecurity

About this role

Principal Cybersecurity Incident Manager leads and coordinates critical security incidents across GitLab environments, serving as the primary authority during high-severity events and maturing the incident command function.

Key Responsibilities

  • Incident Command for critical security events across GitLab environments
  • Orchestrate cross-functional response with Security Operations, Infrastructure, Legal, Engineering, and executives
  • Lead post-incident reviews and action item tracking
  • Develop incident response playbooks and runbooks
  • Mentor incident commanders and build organizational muscle memory

Technical Overview

Hands-on incident response with cloud (GCP/AWS), Kubernetes, SIEM, and log analysis; strong communication to executive stakeholders; builds playbooks/runbooks and provides training.

Ideal Candidate

The ideal candidate is a senior security veteran with 10+ years in information security, expert incident command experience, and hands-on skills across cloud, Kubernetes, and SIEM to lead critical security events.

Must-Have Skills

10+ years of information security5+ years incident response or related disciplinesExperience as Incident CommanderCloud infrastructure (GCPAWS)KubernetesSIEMStrong written and verbal communication

Nice-to-Have Skills

SRE/DevOps exposureFamiliarity with GitLab productDevSecOps practices

Tools & Platforms

Google Cloud PlatformAmazon Web ServicesKubernetesSIEM

Required Skills

Incident Commandersecurity incident responseMITRE ATT&CKcloud infrastructure (GCP/AWS)KubernetesSIEMlog analysissecurity monitoringcross-functional coordinationsecurity operations

Hard Skills

Incident CommanderSecurity Incident ResponseMITRE ATT&CKCloud infrastructure (GCPAWS)KubernetesSIEMlog analysissecurity monitoringCross-functional coordinationSecurity Operations

Soft Skills

leadershipcommunicationcrisis managementstakeholder management

Industry & Role

Industry SaaS
Job Function Lead high-severity security incidents as Incident Commander and drive improvements to incident response processes
Role Subtype Incident Commander
Tech Domains Amazon Web Services, Google Cloud Platform, Kubernetes, SQL / PostgreSQL, Security Operations

Keywords for Your Resume

Principal Cybersecurity Incident ManagerIncident CommanderSecurity Incident ResponseMITRE ATT&CKcloud infrastructureGCPAWSKubernetesSIEMlog analysissecurity monitoringCross-Functional CoordinationSecurity Operationsincident commandersecurity incident responsemitre attackkubernetesawsgcpsiemsecurity operations

Deal Breakers

Lack of incident commander experience, No 10+ years information security experience, No experience with cloud infrastructure (GCP/AWS)

Apply for this Position →

Get matched to jobs like this

Luna finds roles that fit your skills and career goals — no endless scrolling required.

Create a Free Profile