About the role --

We are seeking a skilled and experienced Security Engineer with a strong background in Splunk, SIEM (Security Information and Event Management), and SOAR (Security Orchestration, Automation, and Response) technologies. The ideal candidate will be responsible for designing, implementing, and managing security systems and tools, with a focus on monitoring, incident detection, and automated response processes. This role requires a deep understanding of cybersecurity principles, hands-on technical expertise, and a proactive approach to threat detection and mitigation.

Splunk Administration:
•Design, configure, and maintain Splunk environments.
•Develop and manage dashboards, alerts, and reports to monitor security events.
•Integrate various data sources into Splunk for comprehensive security analysis.
•Optimize Splunk performance by tuning and managing indexes, searches, and system configurations.
SIEM Management:
•Deploy, configure, and manage SIEM solutions.
•Develop and maintain correlation rules, alerts, and reports to detect and respond to security incidents.
•Monitor and analyze SIEM logs to identify potential security threats and vulnerabilities.
•Collaborate with other IT teams to ensure comprehensive data collection and integration into the SIEM.
SOAR Implementation:
•Design and implement SOAR playbooks to automate incident response processes.
•Integrate SOAR solutions with existing security tools and platforms.
•Collaborate with SOC (Security Operations Center) and incident response teams to streamline and automate response actions.
•Continuously improve SOAR playbooks based on feedback and evolving threats.
Threat Detection & Incident Response:
•Proactively monitor and analyze security events to identify potential incidents.
•Lead incident response efforts, including investigation, containment, and remediation.
•Provide expert analysis on security incidents and collaborate with teams to implement corrective actions.
•Perform root cause analysis to prevent recurrence of security incidents.
Documentation & Reporting:
•Document all security incidents, response actions, and outcomes.
•Prepare detailed reports for management on security events, trends, and recommendations.
•Maintain up-to-date documentation of security tools, configurations, and processes.
Collaboration & Training:
•Work closely with IT, DevOps, and other teams to ensure secure systems and processes.
•Provide training and guidance to junior security staff and other stakeholders.
•Participate in security audits and assessments to ensure compliance with industry standards and regulations.
What You'll Do

What are we looking for ?

• Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience).
• Over all 8+ and Minimum 5 years of experience in cybersecurity, with a focus on Splunk, SIEM, and SOAR technologies.
• Hands-on experience in deploying and managing Splunk environments.
• Experience with various SIEM platforms (e.g., Splunk, QRadar, ArcSight) and SOAR tools (e.g., Splunk SOAR, Demisto, Tines).
• Strong understanding of security frameworks, threat landscapes, and incident response methodologies.
• Proficiency in scripting languages (e.g., Python, Bash) for automation and integration tasks.
• Strong analytical skills and ability to interpret complex data sets.
• Excellent problem-solving abilities and attention to detail.
• Strong communication skills, with the ability to convey technical information to non-technical stakeholders.

Who You Are

• Certifications (preferred):
• Splunk Certified Admin/Architect
• Certified Information Systems Security Professional (CISSP)
• GIAC Certified Incident Handler (GCIH)
• Certified Ethical Hacker (CEH)

Benefits at Gap Inc.

• One of the most competitive paid time off plans in the industry
• Comprehensive health coverage for employees, same-sex partners and their families
• Health and wellness program: free annual health check-ups, fitness center and Employee Assistance Program
• Comprehensive benefits to support the journey of parenthood
• Retirement planning assistance
• See more of the benefits we offer.

Gap Inc. is an equal-opportunity employer and is committed to providing a workplace free from harassment and discrimination. We are committed to recruiting, hiring, training and promoting qualified people of all backgrounds, and make all employment decisions without regard to any protected status. We have received numerous awards for our long-held commitment to equality and will continue to foster a diverse and inclusive environment of belonging. In 2022, we were recognized by Forbes as one of the World's Best Employers and one of the Best Employers for Diversity.