Director, Security Operations (Threat Hunting, Operations, and Incident Response)

Remote - US | United States | North America | March 26, 2024

GitHub Security Operations is hiring a Director to lead the Threat Hunting, Operations, and Incident Response teams. In this role, you will foster an environment of excellence and mentorship to lead the detection and response to threat activity, spammy content, malware, and account takeover attacks on our infrastructure and users. The leadership you bring will influence the security of the systems and infrastructure across GitHub’s production and corporate environments, identity & access management systems, and core security services for vulnerability management and security monitoring. GitHub's many features give it a broad attack surface that makes it a popular target for malicious hackers, spammers, and fraudsters. Hackers know that we protect the key intellectual property of a massive number of companies and people. Spammers love the many vectors for delivering rich content through the platform: from creating spam on Gists, issue comments, and user profiles to even opening Pull Requests to add "ads" to repositories. Fraudsters seek to profit by abusing GitHub and third-party integrators for monetary gain. This large and varied attack surface gives GitHub a somewhat unique set of problems to solve.

The Threat Hunting, Operations, and Response teams are self-driven and autonomous while being highly collaborative. These are talented teams that value learning, work-life balance, and tackling interesting challenges - something in no short supply given our adversarial, evolving problem space. The teams’ strength lies in the culture of high trust and empathy in which we operate, and in genuine joy in the work we do and the people we work with.

You will report directly to the Vice President of Security Operations. 

Job Responsibilities

  • Cultivating an environment where team members are empowered and have a strong sense of ownership for their work.
  • Serving as a great people leader for the team, meeting with members 1-1 on a regular basis, providing performance feedback, and helping individuals plan and execute on their career development objectives.
  • Guiding the team's vision, helping build roadmaps, ensuring projects get staffed effectively, and setting priorities that align with both the team and the company's goals.
  • Serving as the hiring manager for the team to bring in new engineers who not only complement the existing team's skills, but who also have new perspectives, ideas, and experiences.
  • Establishing and maintaining intra-department, cross-department, and management level communications.
  • Being passionate about creating and fostering good security practices and processes throughout the company.
  • Leading small group discussions about security issues with both technical and non-technical audiences, while making sure discussion highlights are captured in written form to benefit those not present.
  • Innovating around measurement and metrics.  

What We Value In Security Operations

  • Collaboration: We believe the best work is done together.
  • Empathy: We believe in putting people first.
  • Quality: We believe in setting the standard for excellence.
  • Positive Impact: We believe in making the world a better place through our work.
  • Shipping: We believe in creating things for the people using them.

Required Qualifications

Management experience:

  • Significant time spent in organizational and technical leadership roles:
    • 10+ years experience leading cybersecurity, security engineering, and/or threat intelligence programs.
    • 5+ years experience managing individual contributors, including experience managing other managers.
    • Experience working as a remote employee, and managing distributed teams.
  • Experience leading or operating within the entire security incident response lifecycle, to include threat intelligence analysis and production, threat detection tactics and techniques, threat hunting, and incident response and remediation practices.
  • Exceptional communication skills, both written and oral.  
  • Proven technical program management experience guiding strategic and tactical technical decision making and execution.
  • Experience supporting governance and regulatory requirements.

Technical Experience

  • Pragmatic and collaborative approach to decision making and system design.
  • Demonstrated experience with core DFIR including system forensics, memory forensics, network analysis, malware analysis, cyber threat intelligence, or log analysis.
  • Experience with fighting Spam/Malware and building Account Takeover systems at scale.
  • Experience with content analysis, pattern recognition, or applied statistics.
  • Practical experience with common security infrastructure such as log/SIEM analysis systems, firewalls, identity and access management, vulnerability management, etc.
  • Tenacious tinkering, spelunking and curiosity capacity.

Desired Skills and Experience:

  • Active contributor to open source security projects and/or security community initiatives, such as cyber risk framework development contributions.
  • Exposure to cyber threat information sharing networks and programs.  
  • Exposure to different software development life-cycles.
  • Working knowledge of Git and GitHub.
  • Demonstrated software development experience with Go, Ruby and Rails, bash, python, or other languages.
  • Time spent securing and/or defending large-scale web/cloud applications and infrastructure.
  • Building or managing creation of data pipelines.
  • Builder of classifiers (rule-based and machine learned) to detect illegitimate content and behavior.
  • Experience with Machine Learning.
  • Expertise in data analytics.

Minimum salary of $168,700 to maximum $265,100.

At GitHub certain roles are eligible for additional rewards, including annual bonus and stock. These rewards are allocated based on individual impact in role. In addition, certain roles also have the opportunity to earn sales incentives based on revenue or utilization, depending on the terms of the plan and the employee’s role.

Location: In this role, you can work remotely from anywhere in the United States or onsite in one of GitHub’s U.S. offices (San Francisco, Bellevue, Raleigh).

Who We Are:

GitHub is the developer company. We make it easier for developers to be developers: to work together, to solve challenging problems, and to create the world’s most important technologies. We foster a collaborative community that can come together—as individuals and in teams—to create the future of software and make a difference in the world.

Leadership Principles:

Customer Obsessed - Trust by Default - Ship to Learn - Own the Outcome - Growth Mindset - Global Product, Global Team - Anything is Possible - Practice Kindness

Why You Should Join:

At GitHub, we constantly strive to create an environment that allows our employees (Hubbers) to do the best work of their lives. We've designed one of the coolest workspaces in San Francisco (HQ), where many Hubbers work, snack, and create daily. The rest of our Hubbers work remotely around the globe. Check out an updated list of where we can hire here: https://github.com/about/careers/remote

We are also committed to keeping Hubbers healthy, motivated, focused and creative. We've designed our top-notch benefits program with these goals in mind. In a nutshell, we've built a place where we truly love working, we think you will too.

GitHub is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people of all walks of life. We don't discriminate against employees or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or any other differences. Also, if you have a disability, please let us know if there's any way we can make the interview process better for you; we're happy to accommodate!

Please note that benefits vary by country. If you have any questions, please don't hesitate to ask your Talent Partner.
