Gap Inc.
Sr Staff, Infosec Engineer - Cyber Defense
Overview
This role focuses on designing, implementing, and managing security integrations with an emphasis on cybersecurity monitoring, incident detection, and automated response processes. Hands-on experience with multiple SIEM/SOAR platforms, Cribl, and supporting a modern Security Operations Center (SOC) are high-priority requirements.
What You’ll Do
Design, develop, and implement information security solutions across Cloud Security, Infrastructure Security, Product Security, Defensive Engineering, and Identity and Access Management.
Apply professional knowledge of infrastructure security practices, concepts, and technologies relevant to the role.
Manage technical requirements analysis and draft technical design specifications based on functional requirements with business and project teams.
Maintain an enterprise-wide identity and access management infrastructure.
Implement security controls governing CI/CD pipelines and provide technical advisory support in a dynamic hybrid multi-cloud, on-prem, and retail environment.
Ensure governance and regulatory compliance while maintaining Gap Inc. information security policies and industry best practices.
Drive automation of cloud security processes.
Mentor junior Security Engineers to build required skills.
SIEM Administration/Management
Design, deploy, configure, and maintain SIEM environments.
Develop dashboards, alerts, and reports to monitor security events.
Integrate data sources into SIEM for comprehensive security analysis.
Optimize SIEM performance through tuning of indexes, searches, and configurations.
Develop and maintain correlation rules, alerts, and reports to detect and respond to security incidents.
Monitor and analyze SIEM logs to identify threats and vulnerabilities.
Collaborate with IT teams to ensure data collection and integration into the SIEM.
SOAR Implementation
Design and implement SOAR playbooks to automate incident response processes.
Integrate SOAR with existing security tools and platforms.
Collaborate with SOC and incident response teams to streamline and automate response actions.
Continuously improve SOAR playbooks based on feedback and evolving threats.
Threat Detection & Incident Response
Proactively monitor and analyze security events to identify potential incidents.
Lead incident response efforts including investigation, containment, and remediation.
Provide expert analysis on security incidents and implement corrective actions with teams.
Perform root cause analysis to prevent recurrence of incidents.
Prepare detailed management reports on security events and trends.
Maintain up-to-date documentation of security tools, configurations, and processes.
Collaboration & Training
Work with InfoSec, TechOps, and other Gap Inc. teams to ensure secure systems and processes.
Provide training and guidance to junior security staff and stakeholders.
Participate in security audits and assessments to ensure regulatory compliance.
Qualifications
Education
Bachelor’s degree or relevant equivalent experience.
Experience
Minimum 6 years of experience in cybersecurity with a focus on security logging, cyber operations, and orchestration/automation technologies and processes.
Hands-on experience deploying and managing SecOps environments.
Experience with SIEM platforms (e.g., Splunk, Azure Sentinel, Google SecOps), SOAR tools (e.g., Swimlane, Torq, Tines), and Cribl.
Strong understanding of security frameworks, threat landscapes, and incident response methodologies.
Skills
Familiarity with scripting languages (Python, Bash) for automation and integration tasks.
Strong analytical skills and ability to interpret complex data sets.
Excellent problem-solving abilities and attention to detail.
Strong communication skills to convey technical information to non-technical stakeholders.
Benefits at Gap Inc.
Merchandise discount for our brands: 50% off regular-priced merchandise at Old Navy, Gap, Banana Republic and Athleta, and 30% off at Outlet for all employees.
Competitive Paid Time Off plans.
Volunteer hours allowance with up to five hours per month.
Extensive 401(k) plan with company matching (up to 4% of base pay).
Employee stock purchase plan.
Medical, dental, vision, and life insurance.
Gap Inc. is an equal-opportunity employer and is committed to a workplace free from harassment and discrimination. We recruit, hire, train and promote qualified people of all backgrounds, and make employment decisions without regard to any protected status. In 2022, we were recognized by Forbes as one of the World’s Best Employers and one of the Best Employers for Diversity.