Sr Staff, InfoSec Engineer - Data Security

About Gap Inc.

Our brands bridge the gaps we see in the world. Old Navy democratizes style to ensure everyone has access to quality fashion at every price point. Athleta unleashes the potential of every woman, regardless of body size, age or ethnicity. Banana Republic believes in sustainable luxury for all. And Gap inspires the world to bring individuality to modern, responsibly made essentials.     

This simple idea—that we all deserve to belong, and on our own terms—is core to who we are as a company and how we make decisions. Our team is made up of thousands of people across the globe who take risks, think big, and do good for our customers, communities, and the planet. Ready to  learn fast, create with audacity and lead boldly? Join our team.

About the Role

In this role, you will design, develop, and implement comprehensive data security solutions to protect Gap Inc’s data and information assets. You will draw upon your experience and expertise in security architecture, systems design, infrastructure, access management and cyber defense to ensure robust data protection across all platforms.

What You'll Do

What you’ll do:

• Design, develop, and implement data security solutions.
• Lead Data Security program initiatives, working with stakeholders across information security, engineering, data science, infrastructure and other teams.
• Work collaboratively with Internal security, Product Security and SOC teams on solutioning data security controls and processes.
• Demonstrate proficient knowledge of standard security practices, concepts, and relevant technologies.
• Manage technical requirements analysis and draft technical design specifications based on interpretation of functional requirements gathered through working with business and project teams.
• Ensure governance and compliance with legal and regulatory requirements while maintaining company Information Security policies, standards, and industry best practices.
• Drive automation of data security processes, as applicable.
• Develop and maintain data security architecture frameworks and standards.
• Conduct risk assessments, vulnerability analyses and threat modeling exercises to identify and mitigate security risks.
• Mentor junior Security Engineers towards achieving command of the skills necessary to perform all work-related tasks.
• Monitor and respond to security incidents and breaches, providing expert analysis and recommendations.
• Stay up to date with the latest security technologies, threats, and trends.
• Leverage Microsoft Purview to manage and monitor data security, ensuring protection across clouds, apps, and devices.
• Utilize current Data Security Posture Management (DSPM) solutions to enhance data security posture management.
• Foster strong relationships with peers in internal organizations (engineering, product, privacy, legal) as well as external partners and vendors.
• Work productively with tech teams and engineering leaders, effectively communicating security issues and ensuring they are resolved.
• Operate effectively in an agile, dynamic, fast-paced environment.

Who you are:

• Demonstrate knowledge of standard data security practices, concepts, and technologies relevant to the role.
• Demonstrate proficiency in specific security technologies, applications, standards, and methodologies.
• Experience in code reviews, configuration management screens/scripts, and deployment tools, to an extent that allows the candidate to understand tool/platform configurations.
• Ability to assess relatively complex situations and analyze data to make judgments and recommend solutions.
• Deep knowledge of data security and governance aspects around AI/ML training
• Strong knowledge of data encryption, tokenization, and other data protection technologies.
• Strong understanding of privacy and legal requirements surrounding data handling and exposure.
• Experience with security frameworks such as NIST, ISO 27001, and GDPR.
• Excellent problem-solving and analytical skills.
• Strong communication and interpersonal skills.

Who You Are

• Advanced degree in a related field (CS/Engineering/InfoSec/Data Science) or equivalent combination of education and experience.
• Relevant certifications such as CISSP, CISM, or CISA.
• Experience in an AI-first hybrid multi-cloud environment.

Benefits at Gap Inc.

• Merchandise discount for our brands: 50% off regular-priced merchandise at Old Navy, Gap, Banana Republic and Athleta, and 30% off at Outlet for all employees.
• One of the most competitive Paid Time Off plans in the industry.*
• Employees can take up to five “on the clock” hours each month to volunteer at a charity of their choice.*
• Extensive 401(k) plan with company matching for contributions up to four percent of an employee’s base pay.*
• Employee stock purchase plan.*
• Medical, dental, vision and life insurance.*
• See more of the benefits we offer.

*For eligible employees