Information Security Compliance Manager
About Gap Inc.
Our past is full of iconic moments - but our future is going to spark many more. Our brands - Gap, Banana Republic, Old Navy, Athleta, INTERMIX and Hill City - have dressed people from all walks of life and all kinds of families, all over the world, for every occasion for more than 50 years.
But we're more than the clothes that we make. We know that business can and should be a force for good, and it's why we work hard to make product that makes people feel good, inside and out. It's why we're committed to giving back to the communities where we live and work. If you're one of the super-talented who thrive on change, aren't afraid to take risks and love to make a difference, come grow with us.
About the role
GapTech is seeking an individual who will support our Compliance Programs by leading teams and working closely with business partners to assess the risk posture for current business initiatives, partnering with key team members to drive remediation, reporting critical risks, and aligning the program against common security frameworks (NIST, CSF, etc.). This role will work closely with key members of the team to maintain ongoing compliance and reduce any identified risks across new projects.
What you'll do
- Identify, document and map technology processes and internal controls of applicable technology infrastructure and operational areas per the scope of audit projects
- Complete testing, inquiry, observation and other analysis required to meet audit and assessment objectives
- Participate in control design and process reviews with business partners to enable compliance by design
- Develop recommendations to remediate issues identified during assessments and draft results for formal communication and reporting to upper management
- Foster strong cross-functional partnerships to drive remediation of findings and execution of security compliance objectives and goals
Who you are
- Bachelors (BA/BS) degree in Computer Science, Information Security, Information Technology or equivalent experience
- 4+ years of relevant business and technical experience
- Strong understanding of security risk management frameworks and standards such as PCI, NIST, ISO 27001/27002, CIS Critical Security Controls, COBIT, COSO.
- Excellent interpersonal and presentation skills to collaborate with different teams inside and outside of the organization
- Excellent communication and influencing skills including the ability to simplify key compliance/security messages, present compelling stories and promote technical and personal credibility with management, and both technical and non-technical audiences
- CISA / CISSP (Preferred)
- Excellent and proven ability to lead and coach teams
Benefits at Gap Inc.
- Merchandise discount for our brands: 50% off regular-priced merchandise at Gap, Banana Republic and Old Navy, 30% off at Outlet and 25% off at Athleta for all employees.
- One of the most competitive Paid Time Off plans in the industry.
- Employees can take up to five "on the clock" hours each month to volunteer at a charity of their choice.
- Extensive 401(k) plan with company matching for contributions up to four percent of an employee's base pay.
- Employee stock purchase plan.
- Medical, dental, vision and life insurance.
- See more of the benefits we offer.
For eligible employees
Meet Some of Gap Inc.'s Employees
Tamika N.Production Manager, Gap Factory
As Production Manager, Tamika sources all sorts of fabrics and clothing materials in order to help bring the Design and Merchandising Team’s vision to life for Gap Factory.
Back to top