Senior Manager, Customer Trust & Security Governance

<div class="content-intro"><p>GitLab is the intelligent orchestration platform for DevSecOps. GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 50 million registered users and more than 50% of the Fortune 100* trust GitLab to ship better, more secure software faster.</p> <p>The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier, with all team members expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact. GitLab is where careers accelerate, innovation flourishes, and every voice is valued. Our high-performance culture is driven by our values&nbsp;and continuous knowledge exchange, enabling our team members to reach their full potential while collaborating with industry leaders to solve complex problems. <a href="https://www.youtube.com/watch?v=OuZIb5zszQI">Co-create the future with us</a> as we build technology that transforms how the world develops software.</p> <p>*<em>Fortune 500® is a registered trademark of Fortune Media IP Limited, used under license. Claim based on GitLab data. Fortune 100 refers to the top 20% ranked companies in the 2025 Fortune 500 list, published in June 2025. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of GitLab.</em></p></div><h4><strong>Overview of the Role</strong></h4> <p>The <strong>Senior Manager, Customer Trust &amp; Security Governance</strong> helps GitLab turn security into a clear business enabler. In this role, you will oversee the programs that help our customers and prospects assess our security posture, reduce friction in our sales cycle, strengthen our security policy and standards, and make security outcomes visible across the business. Reporting to the <strong>VP of Security Assurance</strong>, you will own a broad scope across customer trust, governance, metrics, and security awareness, with a focus on building durable processes, improving documentation, and using automation and AI to help our team spend more time on high-value work.</p> <p>In your first year, you will shape how GitLab addresses customer security needs at scale, mature the security governance program, and improve how security is measured and communicated internally. You will work across Security, Sales, Legal, Product, Procurement, and other business partners, and you will help strengthen confidence in GitLab's AI-powered DevSecOps platform through practical guidance, clear standards, and thoughtful execution.</p> <h4><strong>What you’ll do</strong></h4> <ul> <li><strong>Lead</strong> the customer trust function for contract reviews, security questionnaires, requests for proposals, and related customer and vendor security inquiries.</li> <li><strong>Set</strong> direction, priorities, and operating practices that help the team respond effectively while reducing friction in the sales cycle.</li> <li><strong>Partner</strong> with Legal, Sales, Product, and Procurement to review and negotiate security-related terms in revenue and vendor agreements.</li> <li><strong>Manage</strong> escalations for complex security questionnaires, risk assessments, and contract issues, and guide teams toward practical solutions.</li> <li><strong>Develop</strong> and improve security templates, playbooks, fallback positions, and training materials that support faster, more consistent negotiations.</li> <li><strong>Build</strong> and maintain GitLab's library of security policies and collaborate with security subject matter experts to mature security standards.</li> <li><strong>Drive</strong> the security metrics and reporting program, including preparation and facilitation for quarterly business reviews.</li> <li><strong>Oversee</strong> an engaging security awareness program and use automation and AI tooling to improve workflows, documentation, and team effectiveness.</li> </ul> <h4><strong>What you’ll bring</strong></h4> <ul> <li><strong>Extensive experience</strong> leading security governance or customer-facing security programs in a complex, cross-functional environment.</li> <li><strong>Knowledge</strong> of security and compliance frameworks such as <strong>SOC 2</strong>, <strong>ISO 27001</strong>, <strong>FedRAMP</strong>, <strong>GDPR</strong>, and <strong>NIST</strong>.</li> <li><strong>Ability</strong> to review and negotiate security and privacy terms in contracts, with a practical approach to balancing risk and business needs.</li> <li><strong>Understanding</strong> of cloud security, software as a service security models, and <strong>DevSecOps</strong> practices.</li> <li><strong>Skill</strong> in translating technical security concepts into clear guidance for customers, executives, and internal partners.</li> <li><strong>Experience</strong> building or improving security policies, standards, metrics, reporting, or awareness programs.</li> <li><strong>Comfort</strong> working asynchronously with teams across Security, Sales, Legal, Product, and Engineering, and collaborating through written communication.</li> <li><strong>Openness</strong> to using automation and AI to improve scale and consistency, and to applying transferable experience from adjacent security, governance, or trust roles.</li> </ul> <h4><em>Due to government requirements, you must be a United States Citizen (defined as any individual who is a citizen of the United States by law, birth, or naturalization) to fill this position.</em>&nbsp;</h4> <h4><strong>About the team</strong></h4> <p>The team is responsible for helping GitLab demonstrate and operationalize trust through customer-facing security support, internal governance, measurable security outcomes, and security awareness. It works across regions in an asynchronous way and partners closely with Security, Sales, Legal, Product, Procurement, and Engineering to make security clear, practical, and scalable. This team supports both business velocity and sound governance by improving how GitLab responds to customer requirements, maintains security standards, and communicates progress.</p><div class="content-pay-transparency"><div class="pay-input"><div class="description"><p><em>The base salary range for this role’s listed level is currently for residents of the&nbsp;United States only. This range is intended to reflect the role's base salary rate in locations throughout the US.&nbsp;Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, alignment with market data,&nbsp;and geographic location.&nbsp;The base salary range does not include any bonuses, equity, or benefits. See more information on our <a class="waffle-rich-text-link" href="https://about.gitlab.com/handbook/total-rewards/benefits/general-and-entity-benefits/" data-sheets-formula-bar-text-link="https://bit.ly/GLBeneUS" data-sheets-formula-bar-text-style="font-siz