About Gap Inc.
Our past is full of iconic moments — but our future is going to spark many more. Our brands — Gap, Banana Republic, Old Navy, Athleta, INTERMIX and Hill City — have dressed people from all walks of life and all kinds of families, all over the world, for every occasion for more than 50 years.
But we’re more than the clothes that we make. We know that business can and should be a force for good, and it’s why we work hard to make product that makes people feel good, inside and out. It’s why we’re committed to giving back to the communities where we live and work. If you're one of the super-talented who thrive on change, aren't afraid to take risks and love to make a difference, come grow with us.
About the role
Gap Inc. Technology is the engine driving innovative retail, e-commerce, and global enterprise technology for Gap Inc.’s five renowned brands – Gap, Banana Republic, Old Navy, Athleta, and INTERMIX. We’re looking for exceptional talent with fresh ideas, cutting-edge skills, and a passion for retail technology. As part of our team, you’ll be exposed to hands-on learning opportunities across all facets of the Gap Inc. Technology organization, working on high-profile, big-impact projects alongside the best technologists and leaders in the industry. Ready to get started?
GapTech Information Security is the global information security function for Gap Inc. inclusive of, and across, all Gap Inc. brands. The Director of Security Operations is the leader of the global Cyber Defense Center team within GapTech Information Security, and reports to the Sr. Director of Information Security. In this role, the Director of SecOps will be responsible for the management and oversight of our Incident Response, Threat Intelligence, Red/Penetration Testing, and Forensics capabilities. This leader will also be responsible for the definition and execution of an evergreen strategy to increasing push the limits of our platforms from a reactive to a predictive threat response capability. This leader also has a critical role within the Cyber Security and Incident Response Team (CSIRT), coordinating all incident response activities across GapTech and working with the larger Business Continuity and/or Data Breach Response team during any suspected or actual data breach or information security event.
What you'll do
Lead the response to Cyber Security threats and incidents for the collection, analysis, and preservation of digital evidence by collaborating with Corporate and Business Unit stakeholders and directing computer incident response and forensics program operations including managing both internal and external technical resources
Ensure that all incidents are recorded and tracked to meet audit, compliance, and legal requirements, conduct root cause analysis to identify gaps and recommendations ultimately remediating risks, and providing expertise and knowledge of current industry trends in technology and cybersecurity risk standards to improve the security posture across the firm
Develop and implement people, processes, and technologies to combat the range of threat actors targeting the organization and industry, including serving as the management and technical escalation point for the Cyber Defense Center, hiring and developing outstanding Information Security talent, and continuously improving the CDC’s capabilities by learning about and investing in the state-of-the-art.
Present business updates, recommendations, strategic opportunities, and assessments to leadership and senior management as needed and prepare security reports by collecting, analyzing, and summarizing data and trends
Implement CDC strategies by anticipating requirements, trends, and variances; developing action plans; measuring and analyzing results; initiating corrective actions; minimizing the impact of variances.
Plan/implement tools and capabilities by evaluating prevention, deterrent, detection, alert, profiling; identifying risks, weaknesses, and suspicious activities; developing safeguard policies, procedures, and controls; adhering to industry standards.
Coordinates technical investigations in response to and in support of e-commerce and rewards fraud with law enforcement, Corporate Security and Gap Loss Prevention.
Who you are
Subject Matter Expertise in the area of security incident response and analysis of security events from multiple sources, including but not limited to events from Security Information Monitoring tools / SEIMs, network and host-based intrusion detection systems, firewall logs, system logs (UNIX and Windows), mainframes, mid-range, applications, databases, and cloud
Demonstrated ability to innovate and operate outside the comfort zone of established methods and procedures coupled with leadership characteristics as shown by a history of inspiring and motivating people to a common purpose at all levels within a company.
Deep knowledge of relevant information security laws, regulatory standards, generally accepted information security principles, and accepted industry best practices, especially from a PCI / payment, financial services, e-commerce, or other regulated industry (e.g. Fintech, healthcare, defense, etc)
Experience working in a risk-based environment including mitigation, planning, and implementation
Operational flexibility in modifying business and operating practices to adapt to a changing environment
Excellent communication, collaboration, and influence with internal and external executives, and both technical and non-technical audiences
Bachelor’s degree in Computer Science, Information Technology or a related discipline, or equivalent, along with a certification such as CISSP, CISM, or SANS GIAC Certified Incident Handler/Intrusion Analyst
Benefits at Gap Inc.
- Merchandise discount for our brands: 50% off regular-priced merchandise at Gap, Banana Republic and Old Navy, 30% off at Outlet and 25% off at Athleta for all employees.
- One of the most competitive Paid Time Off plans in the industry.*
- Employees can take up to five “on the clock” hours each month to volunteer at a charity of their choice.*
- Extensive 401(k) plan with company matching for contributions up to four percent of an employee’s base pay.*
- Employee stock purchase plan.*
- Medical, dental, vision and life insurance.*
- See more of the benefits we offer.
*For eligible employees
Gap Inc. is an equal-opportunity employer and is committed to providing a workplace free from harassment and discrimination. We are committed to recruiting, hiring, training and promoting qualified people of all backgrounds, and make all employment decisions without regard to any protected status. We have received numerous awards for our long-held commitment to equality and will continue to foster a diverse and inclusive environment of belonging. This year, we’ve been named as one of the Best Places to Work by the Humans Rights Campaign for the fourteenth consecutive year and have been included in the 2019 Bloomberg Gender-Equality Index for the second year in a row.
Browse all jobs