Engineering Manager - Security Incident Response Team (SIRT)

Engineering Manager - Security Incident Response Team (SIRT)

at GitHub

United States

GitHub Security is hiring an Incident Response (IR) Manager to lead and evolve the Security Incident Response Team (SIRT). You will foster an environment of excellence and mentorship to lead the detection and response to attacks on our infrastructure and users. The team and capability you manage and guide will focus on the investigative and response practices that help GitHub securely protect the world's largest code hosting platform. The leadership you bring will influence the IR capability of systems and infrastructure across GitHub’s Production and Corporate environments, identity & access management systems, and core security services for vulnerability management and security monitoring.

GitHub’s Security team is highly distributed and to be successful you must thrive in an environment of distributed work and asynchronous communication. Strong written communication skills are essential, as is the ability to develop strong working relationships with coworkers in locations around the globe. This role is not about dictating a team member's work directly, but rather guiding and serving to ensure the productivity and success the members and team. A primary goal of this job is to enable each team member to do the best work of their lives securing GitHub.

If you have a foundation in IR, information security and infrastructure, enjoy supporting humans across all experience levels from fresh-out-of-college associates to seasoned senior engineers, and want to help build a world class security team, then this might be the gig for you.


  • Design, implement and manage enterprise wide (end-to-end) Incident handling and coordination lifecycles, methodologies, and processes with the SIRT team and partners.
  • Influence implementation of IR capability across applications, core infrastructure to user endpoint.
  • Developing and driving adoption of security standards and requirements.
  • Manage the people and team to plan, balance, prioritize and execute on their day-to-day responsibilities, projects, and career development objectives.
  • Manage complex projects spanning teams in and outside of the Security department.
  • Participating in on-call rotation, incident handling and incident coordination.

Minimum Qualifications:

  • Experience with the entire IR lifecycle and collaborating with cross functional internal & external teams to improve organizational IR capability and capacity.
  • Several years experience effectively managing small to medium sized security teams.
  • Experience effectively managing and working with distributed and remote teams.
  • The ability to take a pragmatic approach to decision making while applying practical security design principles and practices.
  • Exceptional communication skills with a strong sense of empathy.
  • Proven technical project management experience guiding strategic and tactical technical decision making and execution.
  • Experience supporting governance and regulatory requirements.
  • Experience and interest in developing and maintaining processes and programmatic practices.
  • Demonstrative experience with core DFIR including system forensics, memory forensics, network analysis, malware analysis, cyber threat intelligence, or log analysis.
  • Practical experience with common security infrastructure such as log/SIEM analysis systems, firewalls, identity and access management, vulnerability management, etc.
  • Practical understanding of system/networking technologies and web based platforms (e.g. Linux, TCP/IP, Ruby on Rails, etc.)
  • Tenacious tinkering, spelunking and curiosity capacity.

Preferred Experience:

  • Proficiency in high-level languages such as Ruby, Python and Bash.
  • Familiarity with configuration management capabilities and software such as Puppet, Chef, Ansible, or Salt.
  • Experience with containerization or virtualization.
  • Can develop and maintain systems through reusable code and tooling.
  • Are an active contributor to open source security projects and/or security community initiatives.
  • Experience with systems languages (C/C++, Go, Rust).
  • Experience with Linux systems internals.

Who We Are:

GitHub is the best place to share code with friends, co-workers, classmates, and complete strangers. Over 24 million people use GitHub to build amazing things together across 67 million repositories. With the collaborative features of and GitHub Business, it has never been easier for individuals and teams to write faster, better code.

What We Value:

Collaboration: We believe the best work is done together.

Empathy: We believe in putting people first.

Quality: We believe in setting the standard for excellence.

Positive Impact: We believe in making the world a better place through our work.

Shipping: We believe in creating things for the people using them.

Why You Should Join:

At GitHub, we constantly strive to create an environment that allows our employees (Hubbers) to do the best work of their lives. We've designed one of the coolest workspaces in San Francisco (HQ), where over half of our Hubbers work, snack, and create daily. The other half of our Hubbers work remotely in 18 countries across the globe. Here is a complete list of where we can hire!

We are also committed to keeping Hubbers healthy, motivated, focused and creative. We've designed our top-notch benefits program with these goals in mind. In a nutshell, we've built a place where we truly love working, we think you will too.

GitHub is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people of all walks of life. We don't discriminate against employees or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or any other differences. Also, if you have a disability, please let us know if there's any way we can make the interview process better for you; we're happy to accommodate!