Staff Infosec Engineer
Spoke - Hyderabad, India
Gap Inc.
From company news to career opportunities, learn more about Gap Inc. and its portfolio of global brands including Old Navy, Gap, Banana Republic, and Athleta.About the Role
We are seeking an experienced Vulnerability Management Specialist and Strategist to join GAP Inc.’s cybersecurity team. In this role, you will be responsible for streamlining our vulnerability management program, developing strategies to mitigate risks, and ensuring the security of our systems and data. You will work closely with cross-functional teams to identify, assess, and remediate vulnerabilities, and provide expert guidance on best practices and emerging threats.What You'll Do
Conduct regular vulnerability assessments and scans to identify security weaknesses in systems, applications, and networks
Continuously monitor systems for new vulnerabilities and emerging threats, and generate detailed reports on vulnerability status, trends, and remediation progress
Experience in Risk based Vulnerability Prioritization and remediation
Develop and implement remediation plans to address identified vulnerabilities, collaborating with IT and development teams to ensure timely resolution
Ensure compliance with industry standards and regulatory requirements related to vulnerability management, and develop and maintain vulnerability management policies, procedures, and best practices
Supports Compliance & Risk Management activities related to Vulnerability Management Program
Assess the potential impact of vulnerabilities on business operations and prioritize remediation efforts accordingly, providing recommendations for risk mitigation and security improvements
Monitor Organization Network for any potential Zero Day Vulnerabilities/Exploits
Ensure Rapid Response processes are rehearsed & kept up to date to handle any Zero Day Vulnerabilities or real time attacks
Maintain strong partnerships with people to drive end to end Vulnerability Management program
Educate the partnering teams on vulnerability management processes and security best practices, and stay updated on the latest security trends, tools, and technologies
Assist in the investigation and response to security incidents related to vulnerabilities, coordinating with incident response teams to mitigate the impact of security breaches
Publish periodic Vulnerability Management bulletin to InfoSec Leadership
Who You Are
Bachelor s degree in related filed, to include computer science, or equivalent combination of education and experience
10+ years of experience in vulnerability management, cybersecurity, or a related field
Proficiency in vulnerability assessment tools and experience with security frameworks and standards (e.g., NIST, ISO 27001)
Proven understanding of Common Vulnerability Frameworks (CVE, CVSS, OWASP Top 10)
Strong analytical and problem-solving skills, with the ability to assess complex security issues and develop effective solutions
Excellent written and verbal communication skills, with the ability to convey technical information to non-technical stakeholders
Proven ability to lead and mentor teams, and to work collaboratively with cross-functional team
Competencies:
Leads with a Growth Mindset.
Cultivates a Trusting Environment.
Drives what Matters.
Works with a 'One Team' Approach.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Compliance Computer Science CVSS Exploits Incident response ISO 27001 NIST OWASP Risk management Vulnerabilities Vulnerability management Zero-day
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.