Enterprise Security Architect

Gap Inc. Technology is the engine driving innovative retail, e-commerce, and global enterprise technology for Gap Inc.’s five renown brands – Gap, Banana Republic, Old Navy, Athleta and INTERMIX. We’re looking for exceptional talent with fresh ideas, cutting-edge skills, and a passion for retail technology. As part of our team, you’ll be exposed to hands-on learning opportunities across all facets of the Gap Inc. Technology organization, working on high-profile, big-impact projects alongside the best technologists and leaders in the industry. Ready to get started?

The Enterprise Security Architect reports to the Chief Information Security Officer. In this role, the Enterprise Security Architect will work closely with their architecture peers across all of GapTech to ensure that all of our customer developed platforms and technologies are architected such that all Gap Customer and Employee Data analyzed, captured, processed, and/or stored is secured. This leader will sit on the Enterprise Architecture Committee to represent Information Security principles and requirements across platforms and products built by GapTech. Scope of coverage will be internally developed applications, cloud services – IaaS and PaaS, Network Infrastructure, and Systems – ranging from OS, virtualization platforms, and automation platforms.

Key Duties

  • Development and maintenance of the Enterprise Security Architecture Model
  • Articulation of consistent security principles and technology standards that guide design engineering and deployment of secure GapTech products
  • Collaboration across Enterprise Architecture on pattern definitions that help mitigate security risks within the GapTech environment – both on premise and cloud
  • Thinks and acts strategically, staying abreast of trends and advances in IT/security solutions and monitors changes in the operating environment that affect information security
  • Provides thought leadership using business communications, active collaboration, and leading cross-functional groups to deliver security goals
  • Develops external partnerships with vendors and outside entities as appropriate
  • Takes ownership of key initiatives, coordinating strategies with other members of the InfoSec team and Business leaders to execute
  • Presents business updates, recommendations, strategic opportunities and assessments to leadership and senior management as needed
  • Develops, maintains, and communicates the Enterprise Security Architecture strategy in partnership with senior Business and GapTech leaders
  • Develops relationships with business leaders, challenging status quo on security matters
  • Provides advice and leadership on a broad range of security items and strategies
  • Hires and develops outstanding Information Security talent
  • 10 years IT Experience / 7 years IT Security Experience
  • At least 7+ years of security technology and / or compliance experience supporting production system management in a UNIX, Window, or Z/OS technical environment.
  • Security certifications or equivalent of CISSP, CCNE, RSA, or GIAC
  • Working knowledge of one or more security and IT Architecture standards including COBIT, TOGAF, Open Security Architecture, or Service Oriented Modeling Framework.
  • Demonstrated experience in the following areas: application security, firewalls, intrusion detection & prevention, perimeter appliances, domain segmentation, filtering (virus, spam, etc.), network segmentation, authentication, enterprise portals, portal based access managers, database encryption, data encryption, host intrusion detection, enterprise directories (LDAP and Active Directory), and meta-directories.
  • Demonstrated ability to build and execute complex security plans
  • Experience working with information security laws and standards generally accepted information security principles, and accepted industry best practices
  • Experience working in a risk based environment including mitigation, planning and implementation
  • Operational flexibility in modifying business and operating practices to adapt to a changing environment
  • Demonstrated ability to innovate and operate outside the comfort zone of established methods and procedures
  • Leadership characteristics as shown by a history of inspiring and motivating people to a common purpose at all levels within a company
  • Demonstrated ability to gain immediate credibility at all levels both inside and outside the organization and develop lasting, productive and collaborative relationships
  • Excellent communication and influencing skills including the ability to simplify key messages, present compelling stories and promote technical and personal credibility with internal and external executives, and both technical and non-technical audiences
  • Proven success working across organizational and geographic boundaries.

Minimum Education Level

  • Bachelor’s degree in Computer Science or Information Technology or a related discipline
  • Minimum Experience
  • Minimum 10 years of experience in information security leadership and management, 5 years minimum experience managing and developing teams.


Back to top