Description of Duties
Would you like to create a meaningfully useful, modern SecOps product on top of the Grafana stack, available open source to any Grafana user? Would you like to build the security operations function behind Grafana’s open source software stack and Grafana Cloud? Would you like to grow a SecOps team from a beautiful acorn to a collaborative, transparent and highly capable 24x7 unit? Do you want to build great tools and experiences, then open source them to the community?
We are bootstrapping this function, so this is initially a people and technical management position with an expectation of an appropriate blend of hands-on and leadership responsibilities. As the team scales out this role will evolve into more of a leadership and product strategy role, though one still suited to a highly technical individual. This is a 100% remote role reporting to the CISO, alongside the leads for Security Engineering and Security Assurance. We don’t anticipate on-call requirements as we intend (for you) to hire a geographically dispersed SOC team to begin fleshing out an on-call rota.
We have a blogpost out covering the values behind the kind of team we’d like to build. Check it out here.
Key Responsibilities
- Lead the product strategy for Grafana’s community-first, open source security operations tooling and features
- Lead the creation of a SecOps function and associated process at Grafana
- Build and lead the Security Operations team from initiation, through 24x7 on-call to 24x7 live coverage (hiring, performance management, etc)
- Act as a point of escalation and trusted stakeholder during security incident response
- Bring your experience, help shape Grafana’s overall security strategy and execution
- Liaising with R&D and IT teams to ensure appropriate instrumentation, logging and
- Creating and leading an incident training & exercising framework
- Lots of purple team things, including input into our nascent business-wide red team practice
- Lead the initial forays into building a right-sized security operations capability on the Grafana stack, then open-sourcing all our work
- Internal and external thought leadership around security operations, detection & response, threat hunting, etc
An ideal candidate might possess:
- 5+ years of experience working in a security engineering or security operations role, ideally in DevOps Cloud-native organizations
- Of that, 2+ years of management or team leader experience
- Experience with operating in, instrumenting and supporting SecOps on AWS/GCP/Azure and containerised environments (e.g., AWS ECS, containerd, k8s, etc)
- Experience with both open and closed source SecOps tooling and capabilities, ideally contributing to open source
- Solid practical cyber incident management / CSIRT experience
- Experience growing and mentoring SOC analysts and engineers
- Experience managing geographically dispersed and follow-the-sun SecOps teams
- If you’ve also got opinions about digital forensics, great!
What you’ll bring to the role
- A continual bias to action and ongoing sense of curiosity
- A commitment to autonomy - both in yourself and supporting this in others
- Very strong communication and project management skills and an appetite for evangelism
- Passionate about mentoring and growing talent, empathic management practices and building a healthy workplace
- A passion for knowledge sharing and education, bringing everyone else up to your level
- Fantastic and proven communication, collaboration and stakeholder management skills
- An interest in Grafana’s stack and a desire to contribute to our open source foundations - We love dogfooding and giving back!
About Grafana Labs: There are more than 950,000 active installations of Grafana around the globe, monitoring everything from beehives to climate change in the Alps. The instantly recognizable dashboards have been spotted everywhere from a NASA launch and Minecraft HQ to Wimbledon and the Tour de France. Grafana Labs also helps companies including Bloomberg, JPMorgan Chase, and eBay manage their observability strategies with full-stack offerings that can be run fully managed with Grafana Cloud, or self-managed with Grafana Enterprise Stack. The Grafana stack has grown to include four other open source projects, Grafana Loki (for logs), Grafana Tempo (for traces), Grafana Mimir (for metrics), and Grafana OnCall (for on-call management).
Benefits: For more information about the perks and benefits of working at Grafana, please check out our careers page.
A note about covid-19: All Grafanistas who wish to attend in-person events or travel for Grafana Labs must be fully-vaccinated.
Equal Opportunity Employer: At Grafana Labs we’re building a company where a diverse mix of talented people want to come, stay, and do their best work. We know that our company runs on the hard work and the dedication of our passionate and creative employees. If you're excited about this role but your experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyways.
We will recruit, train, compensate and promote regardless of race, religion, colour, national origin, gender, disability, age, veteran status, and all the other fascinating characteristics that make us different and unique. We believe that equality and diversity builds a strong organisation and we’re working hard to make sure that’s the foundation of our organisation as we grow.
For information about how your personal data is used once you’ve applied to a job, check out our privacy policy.