Staff Infosec Engineer
Spoke - Hyderabad, India
Gap Inc.
From company news to career opportunities, learn more about Gap Inc. and its portfolio of global brands including Old Navy, Gap, Banana Republic, and Athleta.About the Role
We are seeking for a skilled and experienced Security controls specialist with ability to design, implement and manage security controls to join GAP Inc.’s cybersecurity team. In this role, you will be part of the Enterprise Security Team.Enterprise Security comprises of Endpoint Protection and Cyber Resilience groups responsible to upkeep the security state of all the systems within the organization
What You'll Do
Roles & Responsibilities:
- Meticulous in ensuring all defined security measures are thoroughly implemented and well maintained
- Ability to Architect, implement and management of Endpoint Security controls like EDR, Anti Ransomware, SBOM, FIM, Local Firewalls, CASB, etc..
- Develop and maintain a comprehensive Software Bill of Materials (SBOM) for all software components used within the organization
- Collaborate with Security Ops & Infosec leadership in developing a mitigation plan for control gaps, TTP’s, IOC’s & Threat Advisories
- Supports Compliance & Risk Management activities related to Endpoint Security
- Ensure compliance with industry standards and regulatory requirements related to SBOM and endpoint protection, and develop and maintain relevant policies, procedures, and best practices
- Provide technical support, including monitoring, reporting, and tool administration
- Maintain and update documentations & architectural workflows of security solutions
- Configure and manage the logging of security controls from various sources into the SIEM solution
- Create and manage plans for implementation projects and keep them current
- Raise concerns to management regarding endpoint security deficiencies or enhancements that need to be addressed
- Educate the partnering teams on SBOM & Endpoint Protection processes and security best practices, and stay updated on the latest security trends, tools, and technologies
- Assist in the investigation and response to security incidents related to vulnerabilities, coordinating with incident response teams to mitigate the impact of security breaches
Who You Are
What are we looking for ?
- Bachelor's degree in Computer Science, Information Security, or a related field. Advanced degrees and relevant certifications (e.g., CISSP, CISM, CEH) are preferred.
- 10+ years of directly related experience in SBOM Management, Endpoint Protection, Cybersecurity or related field
- Proficiency in SBOM tools and endpoint protection solutions, and experience with security frameworks and standards (e.g., NIST, ISO 27001)
- Strong analytical and problem-solving skills, with the ability to assess complex security issues and develop effective solutions
- Excellent written and verbal communication skills, with the ability to convey technical information to non-technical stakeholders
- Proven understanding of Common Vulnerability Frameworks (CVE, CVSS, OWASP Top 10)
- Proven ability to lead and mentor teams, and to work collaboratively with cross-functional teams
Competencies:
- Leads with a Growth Mindset.
- Cultivates a Trusting Environment.
- Drives what Matters.
- Works with a 'One Team' Approach.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
0
0
0
Categories:
Leadership Jobs
Security Engineering Jobs
Tags: CASB CEH CISM CISSP Compliance Computer Science CVSS EDR Endpoint security Firewalls Incident response ISO 27001 Monitoring NIST OWASP Risk management SBOM SIEM Vulnerabilities
Region:
Asia/Pacific
Country:
India
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information System Security Officer jobsInformation Security Specialist jobsSenior Security Analyst jobsSenior Cloud Security Engineer jobsSystems Engineer jobsSenior Cybersecurity Engineer jobsSystems Administrator jobsSenior Information Security Analyst jobsInformation Security Manager jobsCyber Security Specialist jobsSenior Network Security Engineer jobsIT Security Analyst jobsChief Information Security Officer jobsIT Security Engineer jobsSecurity Consultant jobsSecurity Specialist jobsInformation System Security Officer (ISSO) jobsInformation Systems Security Engineer jobsSenior Information Security Engineer jobsSenior Cyber Security Engineer jobsSenior Product Security Engineer jobsCyber Threat Intelligence Analyst jobsCyber Security Architect jobsSecurity Operations Analyst jobsCybersecurity Specialist jobs
TS/SCI jobsEDR jobsSaaS jobsBash jobsJava jobsTop Secret jobsThreat detection jobsTerraform jobsSplunk jobsRMF jobsIDS jobsSDLC jobsIPS jobsSOC 2 jobsSQL jobsMalware jobsFinance jobsForensics jobsCompTIA jobsDocker jobsActive Directory jobsGIAC jobsIntrusion detection jobsITIL jobsDoDD 8570 jobs
VPN jobsOWASP jobsHIPAA jobsCRISC jobsIT infrastructure jobsAnsible jobsTCP/IP jobsCCSP jobsData Analytics jobsClearance Required jobsNIST 800-53 jobsOSCP jobsMITRE ATT&CK jobsBanking jobsZero Trust jobsCISO jobsUNIX jobsSOAR jobsDNS jobsIndustrial jobsJira jobsSOX jobsEndpoint security jobsPolygraph jobsJavaScript jobs