Posted on: July 3, 2019 | Job#: 284194

Security Engineer – Privileged Access Management & PKI

Full-time | Pleasanton, CA, US


We’ll send you to our application portal to get started

About Gap Inc.

Our past is full of iconic moments — but our future is going to spark many more. Our brands — Gap, Banana Republic, Old Navy, Athleta, INTERMIX and Hill City — have dressed people from all walks of life and all kinds of families, all over the world, for every occasion for more than 50 years.

But we’re more than the clothes that we make. We know that business can and should be a force for good, and it’s why we work hard to make product that makes people feel good, inside and out. It’s why we’re committed to giving back to the communities where we live and work. If you're one of the super-talented who thrive on change, aren't afraid to take risks and love to make a difference, come grow with us. 

About the role

As a part of our technology organization, you will have the opportunity to build next generation solutions that will transform the way our customers interact with our family of iconic brands. Our team employs a DevOps model, allowing our product teams to have full ownership of design, build and operate with immense scale. From distributed computing, to artificial intelligence, mobile, big data and cloud computing, you will have the opportunity to build a career that allows you to make an impact all while learning new technical and leadership skills. We are inspired by new challenges and push ourselves to create what’s next in this dynamic industry. Come join this diverse team and grow with us.

GapTech InfoSec is looking to hire a Security Engineer (PAM/PKI) to expand its Secrets & Certificate Management Program. The PAM/PKI Engineer will be joining the Identity and Access Management group and will design, develop, implement, support and build user adoption for the Secrets/Certificate Management program. This position provides a great opportunity for a mid-level engineer to be part of a team of experienced engineers in a fast paced, dynamic environment and hone their skills in one of the hottest areas within Information Security.

What you'll do

  • The PAM/PKI Engineer is expected to design software solutions independently and as part of a team. Typical solutions consist of customizable COTS products, custom developed modules and integrations with existing systems.
  • The PAM/PKI Engineer should be able to design solutions that would meet the functional, performance, security and operational requirements of the solution.
  • The PAM/PKI Engineer is expected to work with product vendors, architects and/or Security SMEs to apply best practices and organizational security requirements in to the design of the solution.
  • The PAM/PKI Engineer will proactively identify areas of improvement or enhancements of the solution.
  • The PAM/PKI Engineer is expected to be hands-on and build technical solutions that would include installing pre-packaged software, configuring COTS solutions or coding custom solutions. Though the position is not a developer position, development experience is helpful.
  • The PAM/PKI Engineer is expected to configure/develop integrations with a variety of end points including Windows, Mac, Linux Servers/Workstations, Network devices, mobile devices and Cloud IaaS/PaaS/SaaS systems.
  • The PAM/PKI Engineer is expected to manage implementation efforts including change management, coordination with infrastructure teams, orchestration of the implementation plan and implementation related communications.
  • The PAM/PKI Engineer is expected to perform impact analysis for new implementations.
  • The PAM/PKI Engineer is expected to perform administration of the PAM/PKI solutions and underlying infrastructure components.
  • The PAM/PKI Engineer is expected to perform regular maintenance of the solution including product upgrades and patching underlying infrastructure.
  • The PAM/PKI Engineer is expected to report Key Performance Indicators (KPIs) of the PAM/PKI solution on a periodic basis.
  • The PAM/PKI Engineer is expected to be responsible for monitoring and maintaining slated SLAs of the PAM/PKI systems, with assistance from supporting teams.
  • The PAM/PKI Engineer is expected to troubleshoot issues, perform Root Cause Analysis (RCA) and provide guidance to other supporting teams.
  • The PAM/PKI Engineer is expected to handle escalations from other supporting teams for end user support and enhancement requests.

Who you are

  • 8+ years of experience as a Security Engineer working on Secrets Management/Privileged Access Management Solutions – Thycotic Secret Server, BeyondTrust, CyberArk, Centrify or other PAM solutions
  • 2+ years of experience working with DevOps secrets management tools like HashiCorp Vault, Conjur, Chef Vault.
  • 3+ years of experience working with REST APIs.
  • 3+ years of experience working in Identity & Access Management and familiarity with IAM Tools and Processes.
  • 2+ years of experience working with Cloud IaaS/Paas, preferably Azure and O
  • Hands-on expert level experience in a PAM solution like CyberArk, Thycotic Secret Server, BeyondTrust, Centrify etc
  • Extensive knowledge of Active Directory, LDAP and directory services
  • Experience with IAM Technology/Tools – IDM, MFA, SSO
  • Cloud Experience – Azure and OCI
  • Development experience – Java, .Net or Server Side JS
  • CLI/Scripting – Windows/UNIX commands and Powershell/Bash or Python
  • Experience with SIEM tools – Splunk preferred. Ability to detect anomalies and threats.
  • Encryption Keys/ SSH Keys/ Key Rotation
  • Ability to deliver results with minimal guidance
  • Ability to communicate ideas effectively to team members
  • Ability to multi task, change focus based on prioritization, work in a high-pressure, fast-moving environment
  • Good written and verbal communication skills.
  • Ability to influence the strategy in the PAM/PKI space by consistently comparing current processes with regulatory requirements and current industry best practices
  • Bachelor degree in Computer Science/engineering or equivalent
  • Security certifications: CISSP, CISM, CISA, CEH, etc. preferred

Benefits at Gap Inc.

  • Merchandise discount for our brands: 50% off regular-priced merchandise at Gap, Banana Republic and Old Navy, 30% off at Outlet and 25% off at Athleta for all employees.
  • One of the most competitive Paid Time Off plans in the industry.*
  • Employees can take up to five “on the clock” hours each month to volunteer at a charity of their choice.*
  • Extensive 401(k) plan with company matching for contributions up to four percent of an employee’s base pay.*
  • Employee stock purchase plan.*
  • Medical, dental, vision and life insurance.*
  • See more of the benefits we offer.

*For eligible employees

Gap Inc. is an equal-opportunity employer and is committed to providing a workplace free from harassment and discrimination. We are committed to recruiting, hiring, training and promoting qualified people of all backgrounds, and make all employment decisions without regard to any protected status. We have received numerous awards for our long-held commitment to equality and will continue to foster a diverse and inclusive environment of belonging. This year, we’ve been named as one of the Best Places to Work by the Humans Rights Campaign for the fourteenth consecutive year and have been included in the 2019 Bloomberg Gender-Equality Indexfor the second year in a row.


We’ll send you to our application portal to get started

Browse all jobs

Recently Viewed