Staff Engineer - Devsecops
Gap
Staff Engineer - DevSecOps
Build security into every release—and grow into leadership with full support. You'll design the pipelines, tools, and guardrails that let developers ship fast and safe. From day one, you'll own high-impact decisions on automation, cloud infrastructure, and security strategy—trusted with autonomy and backed with mentorship to reach your next career level. You'll go deep technically while gaining visibility across engineering, product, and leadership. You'll drive how applications move from code to production—integrating security into CI/CD, shaping cloud architecture, and setting standards teams rely on. As you embed yourself with squads, you'll build the influence to lead initiatives, not just implement them. Your work will secure more than systems—it will shape how the business delivers software with confidence. You'll work across multiple clouds (Azure, GCP), modern CI/CD platforms, and the latest security tooling—covering everything from runtime protection to code scanning—staying sharp through continuous learning and real-world challenges. Every win builds your leadership track record.
Designing and operating secure CI/CD pipelines with automated testing, SAST/DAST scanning, dependency checks, and secrets detection
Implementing and tuning cloud security tools to monitor posture, runtime, and code security, ensuring continuous compliance and risk reduction
Driving API security best practices and runtime protection across services and microservices
Building and maintaining cloud infrastructure security controls using Terraform, Kubernetes, and container security best practices
Embedding security into development workflows by partnering directly with product and engineering teams
Monitoring vulnerabilities, triaging incidents, and driving rapid response across services and environments
Setting policies and standards that balance speed of delivery with strong security posture
Strong problem-solving skills with both strategic and hands-on depth in DevOps or security engineering
Experience with CI/CD tools (GitHub Actions, Jenkins, or similar) and at least one scripting language (Python, Bash, Go, etc.)
Solid understanding of cloud security concepts (IAM, network segmentation, secrets management) across Azure or GCP
Hands-on familiarity with cloud security platforms such as Prisma Cloud and endpoint protection solutions like CrowdStrike for posture, runtime, and code analysis
Experience implementing API security controls and embedding security practices throughout the software development lifecycle
Confidence communicating security priorities with developers, stakeholders, and executives
Background in Computer Science, Security, or equivalent practical experience
Merchandise discount for our brands: 50% off regular-priced merchandise at Old Navy, Gap, Banana Republic and Athleta, and 30% off at Outlet for all employees.
One of the most competitive Paid Time Off plans in the industry.
Employees can take up to five "on the clock" hours each month to volunteer at a charity of their choice.
Extensive 401(k) plan with company matching for contributions up to four percent of an employee's base pay.
Employee stock purchase plan.
Medical, dental, vision and life insurance.
*For eligible employees