Sr Staff, Infosec Engineer - Cyber Defense

Company: 816 GPS Services, Inc.
Location: San Francisco
Posted on: June 1, 2025

Job Description:

Sr Staff, Infosec Engineer - Cyber DefenseAbout the RoleCompany Overview: As a Fortune 100 retailer leading the market with innovative strategies and a commitment to customer satisfaction, Gap, Inc. prioritizes the security and integrity of our information systems. Our InfoSec organization is at the forefront of protecting our company's assets and ensuring a secure shopping experience for our customers.Position Summary: We are seeking a skilled and experienced Security Engineer with a strong background in SIEM/SOAR platforms and detection engineering. The ideal candidate will be responsible for designing, implementing, and managing security integrations, focusing on cybersecurity monitoring, incident detection, and automated response processes. This role requires a deep understanding of cybersecurity principles, hands-on technical expertise, and a proactive approach to threat detection and mitigation. Hands-on experience with multiple SIEM/SOAR platforms, Cribl, and supporting the engineering needs of a modern Security Operations Center is a high-priority requirement.What You'll Do

• Design, develop, and implement information security solutions across Cloud Security, Infrastructure Security, Product Security, Defensive Engineering, and Identity and Access Management.
• Demonstrate proficient knowledge of infrastructure security practices, concepts, and relevant technologies.
• Manage requirements analysis and draft technical design specifications based on functional requirements gathered through collaboration with business and project teams.
• Maintain an enterprise-wide identity and access management infrastructure.
• Implement security controls for CI/CD pipelines and provide technical advisory support across a hybrid multi-cloud, on-premises, and retail environment.
• Ensure governance and compliance with legal and regulatory requirements, maintaining Gap Inc.'s security policies, standards, and industry best practices.
• Drive automation of cloud security processes.
• Mentor junior Security Engineers to develop necessary skills.Key ResponsibilitiesSIEM Administration/Management:
  • Design, deploy, configure, and maintain SIEM environments.
  • Develop dashboards, alerts, and reports for security monitoring.
  • Integrate data sources into SIEM for comprehensive analysis.
  • Optimize SIEM performance through tuning and configuration management.
    • Create and manage correlation rules, alerts, and reports to detect security incidents.
    • Analyze SIEM logs to identify threats and vulnerabilities.
    • Collaborate with IT teams for data collection and integration.SOAR Implementation:
      • Design and implement SOAR playbooks for incident response automation.
      • Integrate SOAR with existing security tools.
      • Work with SOC and incident response teams to streamline responses.
      • Update playbooks based on feedback and threat evolution.Threat Detection & Incident Response:
        • Monitor security events proactively for potential incidents.
        • Lead incident response efforts, including investigation and remediation.
        • Provide analysis and collaborate on corrective actions.
        • Perform root cause analysis to prevent recurrence.
          • Prepare reports on security trends and incidents.
          • Maintain documentation of security tools and processes.Collaboration & Training:
            • Coordinate with InfoSec, TechOps, and other teams to ensure security.
            • Train junior staff and stakeholders.
            • Participate in security audits and assessments.Who You AreEducation:
              • Bachelor's degree or equivalent experience.Experience:
                • At least 6 years in cybersecurity, focusing on security logging, cyber operations, and automation.
                • Experience with SecOps environments and platforms like Splunk, Azure Sentinel, Google SecOps, and SOAR tools like Swimlane, Torq, Tines, and Cribl.
                • Understanding of security frameworks, threat landscapes, and incident response.Skills:
                  • Proficiency in scripting languages (Python, Bash).
                  • Strong analytical and problem-solving skills.
                  • Excellent communication skills to convey technical info to non-technical stakeholders.
                    #J-18808-Ljbffr

Keywords: 816 GPS Services, Inc., Union City , Sr Staff, Infosec Engineer - Cyber Defense, Engineering , San Francisco, California