Staff Infosec Engineer

Gap

Gap

IT
Hyderabad, Telangana, India
Posted on Apr 21, 2025

About the Role

We are seeking an experienced DevSecOps Strategist to join GAP Inc.’s cybersecurity team. In this role, you will be responsible for integrating security practices into the DevOps pipeline, ensuring that our applications and infrastructure are secure from development through deployment and beyond. You will work closely with product teams to address security needs, manage engineering tasks, handle incidents, and provide support in a hybrid cloud environment.

What You'll Do

Roles & Responsibilities:

  • Ensure security is embedded throughout the Software Development Life Cycle (SDLC) from design to deployment.
  • Develop and implement automated security testing and compliance checks within CI/CD pipelines.
  • Identify, evaluate, and address security risks and vulnerabilities in software and infrastructure.
  • Continuously monitor systems for security breaches and respond promptly to incidents.
  • Create and enforce security policies and procedures to protect organizational assets.
  • Work closely with development, operations, and security teams to foster a culture of security.
  • Educate team members on security best practices and their roles in maintaining security.
  • Ensure all processes comply with relevant security standards and regulations.
  • Keep up-to-date with the latest security trends, threats, and technologies.

Who You Are

What are we looking for ?

  • Bachelor s degree in related filed, to include computer science, or equivalent combination of education and experience
  • Minimum of 8 years in DevSecOps or related fields, with a strong background in integrating security into DevOps practices.
  • Proficiency in security tools and technologies, including threat modeling, risk assessment, and vulnerability management.
  • Extensive exposure to Container Security, Securing IaC, CSPM, Secret Scanning & API Security.
  • Hands on experience in Prisma Cloud, Hashicorp Vault Radar, Noname and other similar tools.
  • Strong coding and scripting abilities in languages such as Python, Java, or Ruby.
  • Experience with cloud security principles and tools, including secure architecture design and configuration management.
  • Familiarity with automation tools and practices, particularly in the context of security.
  • Excellent communication skills to effectively collaborate with cross-functional teams.
  • Ability to adapt to rapidly changing security landscapes and emerging threats.
  • Keen attention to detail to ensure thorough and accurate security assessments and implementations.
  • Relevant certifications such as Certified DevSecOps Engineer (CDSE), CISSP, or equivalent.

Competencies:

  • Leads with a Growth Mindset.
  • Cultivates a Trusting Environment.
  • Drives what Matters.
  • Works with a 'One Team' Approach.