Enterprise Security Architect – REMOTE

About the job

About Gap Inc.

Our brands bridge the gaps we see in the world. Old Navy democratizes style to ensure everyone has access to quality fashion at every price point. Athleta unleashes the potential of every woman, regardless of body size, age or ethnicity. Banana Republic believes in sustainable luxury for all. And Gap inspires the world to bring individuality to modern, responsibly made essentials.

This simple idea—that we all deserve to belong, and on our own terms—is core to who we are as a company and how we make decisions. Our team is made up of thousands of people across the globe who take risks, think big, and do good for our customers, communities, and the planet. Ready to  learn fast, create with audacity and lead boldly? Join our team.

About The Role

Gap Inc. Technology is the engine driving innovative retail, e-commerce, and global enterprise technology for Gap Inc.’s four renowned brands – Gap, Banana Republic, Old Navy, Athleta. We’re looking for exceptional talent with fresh ideas, cutting-edge skills, and a passion for retail technology. As part of our team, you’ll be exposed to hands-on learning opportunities across all facets of the Gap Inc. Technology organization, working on high-profile, big-impact projects alongside the best technologists and leaders in the industry. Ready to get started?

GapTech Information Security is the global information security function for Gap Inc. inclusive of and across, all Gap Inc. brands. The Enterprise Security Architect is a member of the Product Security team within GapTech Information Security, and reports to the Director, Product Security. In this role, the Security Architect will cater to the needs of the business, engage with the Enterprise and Distribution center products, its infra, and developer teams, be responsible for implementing security controls on enterprise systems, IOT devices in Distribution Centers, governing and providing technical advisory support across a rapidly modernizing and dynamic hybrid multi-cloud and retail, supply chain environment, ensuring governance and compliance with legal and regulatory requirements, maintain Gap Inc. Information Security policies, standards, and industry best practices.

GapTech Information Security is the global information security function for Gap Inc. inclusive of and across, all Gap Inc. brands. The Ecommerce & Retail Security Architect is a member of the Product Security team within GapTech Information Security, and reports to the Director, Product Security. In this role, the Security Architect will cater to the needs of the business, engage with the E-commerce and Retail products, its infra, and developer teams, be responsible for implementing security controls across all 4 customer facing Websites, IOT devices in stores, governing and providing technical advisory support across a rapidly modernizing and dynamic hybrid multi-cloud and retail, supply chain environment, ensuring governance and compliance with legal and regulatory requirements, maintain Gap Inc. Information Security policies, standards, and industry best practices.

What You’ll Do

• Leads, Builds, defines, and executes architectural patterns for secure implementation(SSDLC) of initiatives in Enterprise, Distribution center areas.
• As a Security Architect, you will provide technical direction, oversight, and execution guidance for the Security Architecture and Engineering teams as well as greater InfoSec teams.
• Assess risks and weaknesses and identify security design or implementation gaps in existing products and services. Direct remediation efforts and operationalize detect-and-response capabilities. You will incept and supervise programs to harden the
• infrastructure to secure our enterprise and Distribution center systems.
• Collaborate with other technical and security architects across other teams to maintain visibility into the evolving technical and security picture and proactively inspire change. Influence the product roadmap, work directly with leadership of GapTech to prioritize and execute them.
• Acts as a subject-matter expert around security, identity, network, storage in Azure/OCI.
• Represent Security Architecture and InfoSec in product strategy and roadmap development with GapTech’s PMs, TPMs and Engineers
• Stay informed about the security landscape – internal and external threats, regulatory requirements, policy changes and other sources – and ensure applications maintain compliance as well as security hardening.
• You will introduce policies and processes that scale engineering organization operations.

Who You Are

• 7+ years of technical experience in enterprise identity, network and data security design and architecture.
• 7+ years of technical experience within the realm of data security, including Data Loss Prevention, encryption, security monitoring, and/or Privacy.
• 7+ years of experience in Threat modeling the following areas: cloud computing, web & mobile applications, web application firewall, IoT security devices, software development.
• 5+ years of technical experience in securing platforms, APIs, Containers, micro-services & cloud services.
• Technical experience in securing data/storage/event stream technologies like Databases, storage accounts, Data lake, Kafka etc.
• Broad technical experience in several security disciplines including endpoint and platform (Unix/Linux/Windows, mobile) controls, encryption/tokenization, identity and access management, PKI, data protection, and security tooling integration in complex environments.
• Good understanding of tools and techniques used by attackers to gain entry into corporate networks, including common IT system flaws and vulnerabilities.
• Have a clear understanding of cloud computing services/deployment architecture, especially Azure, GCP and OCI.
• Technical Leader. You can drive an initiative from concept to full production deployment while maintaining security and operational excellence throughout the process. You influence other engineers with your technical depth and collaborative attitude.

Benefits at Gap Inc.

• Merchandise discount for our brands: 50% off regular-priced merchandise at Old Navy, Gap, Banana Republic and Athleta, and 30% off at Outlet for all employees.
• One of the most competitive Paid Time Off plans in the industry.*
• Employees can take up to five “on the clock” hours each month to volunteer at a charity of their choice.*
• Extensive 401(k) plan with company matching for contributions up to four percent of an employee’s base pay.*
• Employee stock purchase plan.*
• Medical, dental, vision and life insurance.*
• See more of the benefits we offer.
• For eligible employees

Gap Inc. is an equal-opportunity employer and is committed to providing a workplace free from harassment and discrimination. We are committed to recruiting, hiring, training and promoting qualified people of all backgrounds, and make all employment decisions without regard to any protected status. We have received numerous awards for our long-held commitment to equality and will continue to foster a diverse and inclusive environment of belonging. This year, we’ve been named as one of the Best Places to Work by the Human Rights Campaign for the seventeenth consecutive year and have been included in the 2021 Bloomberg Gender-Equality Index for the fourth year in a row.protected status. We have received numerous awards for our long-held commitment to equality and will continue to foster a diverse and inclusive environment of belonging. This year, we’ve been named as one of the Best Places to Work by the Human Rights Campaign for the seventeenth consecutive year and have been included in the 2021 Bloomberg Gender-Equality Index for the fourth year in a row.