Posted on: September 28, 2020 | Job#: 339344

Sr. Product Security Engineer

Full-time | One Harrison Street, San Francisco, CA, US 94105


We’ll send you to our application portal to get started.

About Gap Inc.

Our past is full of iconic moments — but our future is going to spark many more. Our brands — Gap, Banana Republic, Old Navy, Athleta, INTERMIX and Hill City — have dressed people from all walks of life and all kinds of families, all over the world, for every occasion for more than 50 years.

But we’re more than the clothes that we make. We know that business can and should be a force for good, and it’s why we work hard to make product that makes people feel good, inside and out. It’s why we’re committed to giving back to the communities where we live and work. If you're one of the super-talented who thrive on change, aren't afraid to take risks and love to make a difference, come grow with us. 

About the role

Gap Inc. Technology is the engine driving innovative retail, e-commerce, and global enterprise technology for Gap Inc.’s five renowned brands – Gap, Banana Republic, Old Navy, Athleta, and INTERMIX. We’re looking for exceptional talent with fresh ideas, cutting-edge skills, and a passion for retail technology. As part of our team, you’ll be exposed to hands-on learning opportunities across all facets of the Gap Inc. Technology organization, working on high-profile, big-impact projects alongside the best technologists and leaders in the industry. Ready to get started?

GapTech Information Security is the global information security function for Gap Inc. inclusive of, and across, all Gap Inc. brands. The Sr Product Security Engineer is a member of the Product Security team within GapTech Information Security, and reports to the Sr. Director of Information Security. In this role, the Sr PSEC Engineer will cater to the needs of the business, engage with product teams, be responsible for developing security standards, conducting architecture and product solutions reviews, and providing technical advisory support across hybrid multi-cloud, on-prem and retail chain environment, ensuring governance and compliance with legal and regulatory requirements, maintain Gap Inc. Information Security policies, standards, and industry best practices.

What you'll do

  • Define Product/Platform Patterns and Standards deployed or leveraged within our on-premise Gap or cloud environments
  • Provide co-developed services, code libraries, or infrastructure configurations as appropriate to secure all Customer and Employee facing Products
  • Manage application penetration testing, code scanning, and remediation capabilities in collaboration with all Product Lines
  • Advances application scanning and testing integration with CI/CD pipelines to minimize security defects and improve overall Product quality
  • Partners with Product Management and Technical Project Leadership using a consultative approach to adapt security approaches to changing business strategies and priorities with strong communication and active collaboration, across cross-functional teams and business partners
  • Partners with Security Strategy & Governance to build and maintain a security controls framework that is current and applied across all technology environments
  • Owns key initiatives of subject area, coordinating strategies with peers to maximize success

Who you are

  • Minimum 10 years of experience in information security architecture and design w/ 3+ years experience with dev/ops or cloud environments
  • You’ve demonstrated an ability to build security programs and successfully execute delivery plans leveraging cross-functional resources comprised of professionals of varying levels of ability
  • Working knowledge of relevant information security laws, regulatory standards generally accepted information security principles and accepted industry best practices
  • Experience working in a risk-based environment including mitigation, planning, and implementation
  • Operational flexibility in modifying business and operating practices to adapt to a changing environment
  • Excellent communication, collaboration, and influence with internal and external executives, and both technical and non-technical audiences
  • Bachelor’s degree in Computer Science, Information Technology or a related discipline, or equivalent, along with a certification such as CISSP, CISA, CISM, CRISC, CGEIT, ISO27001

Benefits at Gap Inc.

  • Merchandise discount for our brands: 50% off regular-priced merchandise at Gap, Banana Republic and Old Navy, 30% off at Outlet and 25% off at Athleta for all employees.
  • One of the most competitive Paid Time Off plans in the industry.*
  • Employees can take up to five “on the clock” hours each month to volunteer at a charity of their choice.*
  • Extensive 401(k) plan with company matching for contributions up to four percent of an employee’s base pay.*
  • Employee stock purchase plan.*
  • Medical, dental, vision and life insurance.*
  • See more of the benefits we offer.

*For eligible employees

Gap Inc. is an equal-opportunity employer and is committed to providing a workplace free from harassment and discrimination. We are committed to recruiting, hiring, training and promoting qualified people of all backgrounds, and make all employment decisions without regard to any protected status. We have received numerous awards for our long-held commitment to equality and will continue to foster a diverse and inclusive environment of belonging. This year, we’ve been named as one of the Best Places to Work by the Humans Rights Campaign for the fourteenth consecutive year and have been included in the 2019 Bloomberg Gender-Equality Index for the second year in a row.


We’ll send you to our application portal to get started.

Browse all jobs

Recently Viewed