Sr Staff, Infosec Engineering
SF - 2 Folsom, United States
Gap Inc.
From company news to career opportunities, learn more about Gap Inc. and its portfolio of global brands including Old Navy, Gap, Banana Republic, and Athleta.About the Role
We are seeking a Security Engineer with diversified skillset to join our cybersecurity team. In this role, you will be responsible for planning & engineering our Risk Based Vuln. Prioritization, Cyber Efficiency, IoT security initiatives. You will work closely with cross-functional teams to identify, assess, and remediate vulnerabilities, and provide expert guidance on best practices and emerging threats.What You'll Do
Streamline organization’s Vuln. Mgmt. models to a unified risk based Vuln. Mgmt. model
Experience in Risk based Vulnerability Prioritization and remediation
Ensure compliance with industry standards and regulatory requirements related to vulnerability management, and develop and maintain vulnerability management policies, procedures, and best practices
Design, develop, and implement robust security protocols for IoT devices and networks
Conduct regular vulnerability assessments to identify security weaknesses in IoT systems
Assess the potential impact of vulnerabilities on business operations and prioritize remediation efforts accordingly, providing recommendations for risk mitigation and security improvements
Monitor Organization Network for any potential Zero Day Vulnerabilities/Exploits
Ensure Rapid Response processes are rehearsed & kept up to date to handle any Zero Day Vulnerabilities or real time attacks
Collaborate with Security Ops & Infosec leadership in developing a mitigation plan for control gaps, TTP’s, IOC’s & Threat Advisories
Assess the potential impact of vulnerabilities on business operations and prioritize remediation efforts accordingly
Educate and train staff on IoT security best practices and emerging threats
Create and maintain comprehensive documentation related to IoT security protocols, incidents, and remediation efforts
Who You Are
Bachelor's degree in Computer Science, Information Security, or a related field.
9+ years of experience in IoT Security, Vulnerability Management or a related field
Proficiency in IoT security tools and technologies, and experience with security frameworks and standards (e.g., NIST, ISO 27001)
Strong analytical and problem-solving skills, with the ability to assess complex security issues and develop effective solutions
Excellent written and verbal communication skills, with the ability to convey technical information to non-technical stakeholders
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Compliance Computer Science Exploits IoT ISO 27001 NIST Vulnerabilities Vulnerability management Zero-day
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.