Compliance Sr. Analyst
- Hyderabad, India
About Gap Inc.
Our past is full of iconic moments - but our future is going to spark many more. Our brands - Gap, Banana Republic, Old Navy and Athleta - have dressed people from all walks of life and all kinds of families, all over the world, for every occasion for more than 50 years.
But we're more than the clothes that we make. We know that business can and should be a force for good, and it's why we work hard to make product that makes people feel good, inside and out. It's why we're committed to giving back to the communities where we live and work. If you're one of the super-talented who thrive on change, aren't afraid to take risks and love to make a difference, come grow with us.
About the role
This position is responsible for Information Security & Compliance Programs and internal controls related to regulatory requirements. Reporting to the Information Security Compliance Senior Manager, you will be a vital part of our team responsible for keeping our Company and Customers' data safe. You will be primarily responsible for driving implementation of security controls and maintaining our security compliance program. Additionally, you will work closely with other business units to advise on risk, consult on compliance requirements, enforce policies and standards, and perform compliance assessments.
Candidate will be responsible for executing the following Information Security Compliance Program functions:
Build, implement and maintain a Common Controls Framework based on external security standards (e.g. PCI DSS, NIST, CIS, GDPR, etc.) and best practices which are applicable to Gap Inc.
Assist in developing and integrating Compliance by Design across GapTech by defining requirements and checklists for design, development and security reviews
Identify, document and map technology processes and internal controls of applicable technology infrastructure and operational areas per the scope of audit projects
Perform testing including inquiry, observation and other analysis required to meet audit and assessment objectives
Develop recommendations to remediate issues identified during assessments
Foster strong cross-functional partnerships to drive remediation of findings and execution of security compliance objectives and goals
Who you are
5+ years of relevant business experience
Master or Bachelor's (BA/BS) degree in Computer Science, Information Security, Information Technology or equivalent experience
Strong understanding of security risk management frameworks and standards such as PCI DSS, NIST, ISO 27001/27002, CIS Critical Security Controls, COBIT, COSO
Excellent interpersonal and presentation skills to collaborate with different teams inside and outside of the organization
Excellent communication skills including the ability to simplify key security messages and promote technical and personal credibility with management, and both technical and non-technical audiences
CISA / CISSP / PCI ISA or QSA (Preferred)
Benefits at Gap Inc.
- One of the most competitive paid time off plans in the industry
- Merchandise discount for our brand products at franchise stores and their websites
- Comprehensive health coverage for employees, same-sex partners and their families
- Health and wellness program: free annual health check-ups, fitness center and Employee Assistance Program
- Comprehensive benefits to support the journey of parenthood
- Retirement planning assistance
- See more of the benefits we offer.
Back to top