eDiscovery and Forensics Engineer

The Information Security Engineer works as a member of the Gap Cyber Defense Center (GCDC team). The GCDC team is part of Gap’s Information Security organization (InfoSec), working closely with infrastructure, application, and managed service provider teams to ensure the security posture of Gap’s global enterprise is maintained, including endpoint, network, server and border security.

As the Security Engineer you will:
  • Serve as a Subject Matter Expert (SME) for InfoSec’s portfolio of monitoring and logging tools, providing research, expert advice, and direction on configuration and management of the tools.
  • Identify security issues and risks associated with security events reported by L1 or L2 InfoSec teams, or via alerts from various security tools, and develop remediation and/or risk mitigation plans.
  • Leverage a wide range of security technologies including, but not limited to: SIEM/syslog, IDS/IPS, malware analysis and protection, content filtering, logical access controls, identity and access management, data loss prevention, LDAP, eDiscovery, computer forensics, and security incident response.
  • Participate in incident response and investigations of suspected information technology security misuse or compliance reviews as requested by Gap’s Security Council, InfoSec management, or as required when alerts are received from InfoSec threat monitoring tools and threat intelligence sources.
  • Work with critical business partners, and assist in responses to internal and external compliance audits, e-Discovery data collections/processing, and corporate investigations.
  • Monitor current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy.
  • 1-3 years of experience with e-Discovery and forensics tools and products, data protection, email protection, multiple operating systems (Windows, UNIX, Linux, etc.), and directory services (Active Directory, LDAP).
  • Knowledge of information security risks and countermeasures for Windows and Unix/Linux platforms.
  • Knowledge of email protection and authentication protocols (Advanced threats, DKIM, DMARC, SPF).
  • Understanding of the Payment Card Industry (PCI) data security standards (PCI DSS) and the payment application data security standards (PA DSS) as well as experience in the implementation of controls to mitigate PCI issues.
  • Experience with multi-national large-scale enterprises.

Minimum Education Level

  • High School Diploma/GED

Minimum Experience

  • 1 year

