Sr Staff Infosec Engineer

About Gap Inc.

Our past is full of iconic moments — but our future is going to spark many more. Our brands — Gap, Banana Republic, Old Navy and Athleta — have dressed people from all walks of life and all kinds of families, all over the world, for every occasion for more than 50 years.

But we’re more than the clothes that we make. We know that business can and should be a force for good, and it’s why we work hard to make product that makes people feel good, inside and out. It’s why we’re committed to giving back to the communities where we live and work. If you're one of the super-talented who thrive on change, aren't afraid to take risks and love to make a difference, come grow with us. 

About the Role

We are seeking for an experienced Compliance specialist part of the GAP Inc’s Cyber Security team. In this role, you will be responsible for strategizing and protecting organization’s information and data. You will build relationships and collaborate with senior members of technical and product teams to understand the technical & business context around applications and processes and influence decisions around improving the security and compliance state of the organization

What You'll Do

• Operations teams to ensure comprehensive compliance efforts
• Ensure compliance with PCI DSS, SOX, and other relevant regulations and standards
• Develop and implement TPRM frameworks to assess and mitigate risks associated with third-party vendors
• Conduct comprehensive risk assessments to identify, evaluate, and address potential compliance and security risks
• Create and enforce policies and procedures to ensure compliance with regulatory requirements
• Lead internal and external audits, ensuring all compliance requirements are met and documented
• Manage and respond to compliance-related incidents, including investigation and remediation
• Educate employees and third-party vendors on compliance requirements and best practices
• Prepare and present compliance reports to senior management and regulatory bodies
• Continuously monitor and improve compliance processes to adapt to changing regulations and business needs
• Work closely with other departments to integrate compliance measures into all aspects of the organization

Who You Are

• Minimum of 12 years in compliance management, with a strong background in PCI DSS, SOX, TPRM, and risk management
• Proficiency in compliance tools and technologies, including risk assessment and management frameworks
• Relevant certifications such as CISA, CISM, CRISC, or equivalent
• Strong analytical and problem-solving skills to identify and mitigate compliance risks.
• Excellent verbal and written communication skills to effectively convey compliance concepts to non-technical stakeholders
• Demonstrated leadership abilities with experience in mentoring a team
• Bachelor s degree in related filed, to include computer science, or equivalent combination of education and experience
• Keen attention to detail to ensure thorough and accurate compliance assessments and implementations
• Ability to adapt to rapidly changing regulatory landscapes and emerging compliance requirements
• High ethical standards and integrity in handling sensitive compliance matters

• Leads with a Growth Mindset.
• Cultivates a Trusting Environment.
• Drives what Matters.

Works with a 'One Team' Approach

Benefits at Gap Inc.

• One of the most competitive paid time off plans in the industry
• Comprehensive health coverage for employees, same-sex partners and their families
• Health and wellness program: free annual health check-ups, fitness center and Employee Assistance Program
• Comprehensive benefits to support the journey of parenthood
• Retirement planning assistance
• See more of the benefits we offer.