Sr Staff, InfoSec Engineer - InfraSec

About the Role

We are hiring a highly skilled and experienced Senior Infrastructure Security Engineer. In this role, you will be responsible for designing, implementing, and maintaining the security posture of our network and cloud infrastructure. You will play a key role in identifying and mitigating security risks, ensuring compliance with industry best practices and regulations, and driving continuous improvement in our security operations. You will be a subject matter expert, mentoring junior engineers, and collaborating with cross-functional teams to deliver secure and reliable infrastructure solutions.

Key Responsibilities:

• Provide Infrastructure Security Design & Implementation, delivering robust security controls for cloud (Azure, GCP, OCI), on-premises, and hybrid infrastructure environments.
• Develop and maintain infrastructure security architecture diagrams and documentation.
• Configure and manage security tools and technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), Network Access Controls (NAC), VPN & Zero Trust Network Access.
• Ensure compliance with relevant security standards and regulations (e.g., ISO 27001, NIST, SOC 2, PCI DSS) and participate in security audits and assessments.
• Develop and maintain deep relationships with various teams delivering products within Gap Inc, including product and engineering leaders, to ensure security is integrated from the start.
• Build security policies and standards and enforce them.
• Assess and communicate potential security risks, making recommendations to stakeholders and leadership. Collaborate with other Infosec teams to incorporate feedback early in the product lifecycle and influence processes across Infosec.
• Stay current with the latest security trends and threats, developing industry expertise to incorporate into your work, ensuring the company's applications and data remain secure.

Experience:

• Senior Infrastructure Security Engineer with 5+ years of experience working as a security engineer.
• Strong technical knowledge of modern network & cloud security platforms and services such as Palo Alto NGF & PRISMA, ClearPass, VPN, SD-WAN, ZTNA, and cloud infrastructure security technologies like Azure and GCP (AFW, AppGW, Cloud Armor).
• Experience with modern compute architectures such as Docker/Kubernetes & Serverless.
• Experience with security automation & orchestration, including infrastructure-as-code (IaC) tools like Terraform, ARM, and cloud IaaS/PaaS automation.

Skills:

• Strong problem-solving skills and ability to perform technical analysis at both high and low levels. Capable of assessing complex situations and analyzing data to recommend solutions.
• Effective written and verbal communication skills, with the ability to collaborate across teams and levels of management. Able to explain difficult concepts simply.
• Ability to prioritize and organize work effectively to meet goals.
• Aptitude for understanding technical solutions and business processes quickly.
• Strong negotiation skills to influence decisions with senior technical architects and business leads.

Education:

• Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).