Posted on: May 23, 2025 | Job#: R188971

Sr Staff, Infosec Engineer - Cyber Defense

Full time
Two Folsom, San Francisco, CA, US 94105


About Gap Inc.

Our brands bridge the gaps we see in the world. Old Navy democratizes style to ensure everyone has access to quality fashion at every price point. Athleta unleashes the potential of every woman, regardless of body size, age or ethnicity. Banana Republic believes in sustainable luxury for all. And Gap inspires the world to bring individuality to modern, responsibly made essentials.

This simple idea—that we all deserve to belong, and on our own terms—is core to who we are as a company and how we make decisions. Our team is made up of thousands of people across the globe who take risks, think big, and do good for our customers, communities, and the planet. Ready to learn fast, create with audacity and lead boldly? Join our team.

About the Role

Company: As a Fortune 100 retailer leading the market with innovative strategies and a commitment to customer satisfaction, Gap, Inc. prioritizes the security and integrity of our information systems. Our InfoSec organization is at the forefront of protecting our company's assets and ensuring a secure shopping experience for our customers.

Position: We are seeking a skilled and experienced Security Engineer with a strong background in SIEM/SOAR platforms and detection engineering. The ideal candidate will be responsible for designing, implementing, and managing security integrations, with a focus on cybersecurity monitoring, incident detection, and automated response processes. This role requires a deep understanding of cybersecurity principles, hands-on technical expertise, and a proactive approach to threat detection and mitigation. Hands-on experience with multiple SIEM/SOAR platforms, Cribl, and experience supporting the engineering needs of a modern Security Operations Center is a high-priority requirement for this role.

What You'll Do

  • Design, develop, and implement information security solutions. This may include, but is not limited to, the following areas: Cloud Security, Infrastructure Security, Product Security, Defensive Engineering, and Identity and Access Management.
  • Demonstrate proficient knowledge of infrastructure standard security practices, concepts and technologies relevant to role.
  • Manage technical requirements analysis and draft technical design specifications based on interpretation of functional requirements gathered through working with business and project teams.
  • Maintain an enterprise-wide identity and access management infrastructure.
  • Implement security controls governing CI/CD pipelines, and provide technical advisory support across a rapidly modernizing and dynamic hybrid multi-cloud, on-prem, and retail chain environment.
  • Ensure governance and compliance with legal and regulatory requirements while maintaining Gap Inc. Information Security policies, standards, and industry best practices.
  • Drive automation of cloud security processes.
  • Mentor junior Security Engineers towards achieving command of the skills necessary to perform all work-related tasks.

SIEM Administration/Management:

  • Design, deploy, configure, and maintain SIEM environment(s).
  • Develop and manage dashboards, alerts, and reports to monitor security events.
  • Integrate various data sources into SIEM for comprehensive security analysis.
  • Optimize SIEM performance by tuning and managing indexes, searches, and system configurations.
  • Develop and maintain correlation rules, alerts, and reports to detect and respond to security incidents.
  • Monitor and analyze SIEM logs to identify potential security threats and vulnerabilities.
  • Collaborate with other IT teams to ensure comprehensive data collection and integration into the SIEM.

SOAR Implementation:

  • Design and implement SOAR playbooks to automate incident response processes.
  • Integrate SOAR solutions with existing security tools and platforms.
  • Collaborate with SOC (Security Operations Center) and incident response teams to streamline and automate response actions.
  • Continuously improve SOAR playbooks based on feedback and evolving threats.

Threat Detection & Incident Response:

  • Proactively monitor and analyze security events to identify potential incidents.
  • Lead incident response efforts, including investigation, containment, and remediation.
  • Provide expert analysis on security incidents and collaborate with teams to implement corrective actions.
  • Perform root cause analysis to prevent recurrence of security incidents.
  • Prepare detailed reports for management on security events, trends, and recommendations.
  • Maintain up-to-date documentation of security tools, configurations, and processes.

Collaboration & Training:

  • Work closely with InfoSec, TechOps, and other Gap Inc. teams to ensure secure systems and processes.
  • Provide training and guidance to junior security staff and other stakeholders.
  • Participate in security audits and assessments to ensure compliance with industry standards and regulations.

Who You Are

Education:

  • Bachelor's degree or relevant equivalent experience.

Experience:

  • Minimum 6 years of experience in cybersecurity, with a focus on security logging, cyber operations, and orchestration/automation technologies and processes.
  • Hands-on experience in deploying and managing SecOps environments.
  • Experience with various SIEM platforms (e.g., Splunk, Azure Sentinel, Google SecOps), SOAR tools (e.g., Swimlane, Torq, Tines), and Cribl.
  • Strong understanding of security frameworks, threat landscapes, and incident response methodologies.

Skills:

  • Familiarity with scripting languages (e.g., Python, Bash) for automation and integration tasks.
  • Strong analytical skills and ability to interpret complex data sets.
  • Excellent problem-solving abilities and attention to detail.
  • Strong communication skills, with the ability to convey technical information to non-technical stakeholders.

Benefits at Gap Inc.

  • Merchandise discount for our brands: 50% off regular-priced merchandise at Old Navy, Gap, Banana Republic and Athleta, and 30% off at Outlet for all employees.
  • One of the most competitive Paid Time Off plans in the industry.*
  • Employees can take up to five “on the clock” hours each month to volunteer at a charity of their choice.*
  • Extensive 401(k) plan with company matching for contributions up to four percent of an employee’s base pay.*
  • Employee stock purchase plan.*
  • Medical, dental, vision and life insurance.*
  • See more of the benefits we offer.

*For eligible employees

Gap Inc. is an equal-opportunity employer and is committed to providing a workplace free from harassment and discrimination. We are committed to recruiting, hiring, training and promoting qualified people of all backgrounds, and make all employment decisions without regard to any protected status. We have received numerous awards for our long-held commitment to equality and will continue to foster a diverse and inclusive environment of belonging. In 2022, we were recognized by Forbes as one of the World's Best Employers and one of the Best Employers for Diversity.

Salary Range: $174,400 - $231,200 USD
Employee pay will vary based on factors such as qualifications, experience, skill level, competencies and work location. We will meet minimum wage or minimum of the pay range (whichever is higher) based on city, county and state requirements.
