Posted on: March 27, 2019 | Job#: 274559

Information Security Strategy Manager

Full-time | One Harrison Street, San Francisco, CA, US 94105


We’ll send you to our application portal to get started

About Gap Inc.

Our past is full of iconic moments — but our future is going to spark many more. Our brands — Gap, Banana Republic, Old Navy, Athleta, INTERMIX and Hill City — have dressed people from all walks of life and all kinds of families, all over the world, for every occasion for more than 50 years.

But we’re more than the clothes that we make. We know that business can and should be a force for good, and it’s why we work hard to make product that makes people feel good, inside and out. It’s why we’re committed to giving back to the communities where we live and work. If you're one of the super-talented who thrive on change, aren't afraid to take risks and love to make a difference, come grow with us. 

About the role

GapTech Information Security (InfoSec) is the global cybersecurity division of Gap Inc. inclusive of, and across, all our brands. As the InfoSec Strategy Manager, you will be responsible for the strategic planning and measurement of the Information Security program, working closely with peers across Gap Inc. to ensure alignment of goals and objectives. We are looking for a Manager with strong collaboration and influencing skills to lead complex projects and key security initiatives across multiple lines of business, other departments and external organizations. You will design and maintain robust Information Security policies and standards to align with external regulations while ensuring requirements are consumable by business teams and engineers. You will develop creative solutions to drive security awareness and education across Gap Inc. You will work closely with the broader Information Security team to deliver service to clients, including driving review of technical security and business requirements into new products and services, while ensuring compliance with external regulations such as PCI, GDPR, etc.

What you'll do

  • Lead the development, implementation and evaluation of Gap Inc.’s information security program and risk minimization programs to maintain customer trust
  • Define and measure Key Performance Indicators (leading conversations with InfoSec leaders and functional/operational peers) shared with CEO, CFO, Gap Inc SLT, and the Quarterly Board of Directors Security Dashboard
  • Measure and monitor the maturity level of established security programs and existing controls, including conducting periodic assessments to identify gaps and opportunities for improvement
  • Develop and implement a positive security awareness strategy and standardized training content for Gap Inc. employees and ensure appropriate steps are taken to ensure company wide compliance
  • Participate in the annual GapTech InfoSec Strategy review (leading facilitated discussion with InfoSec Leaders and key partners), considering year in retrospective, industry and market conditions, and forward looking business goals
  • Foster strong cross functional partnerships to drive business engagement and execution of security objectives and goals

Who you are

  • Bachelor’s degree in Computer Science, Information Technology or a related technical discipline
  • 5+ years of relevant business experience in Information Security and GRC
  • Strong working knowledge of Key Performance Indicators and security metrics
    Ability to develop structure, advance execution, and measure performance
  • within various and complex projects, teams, and environment
  • Experience working with information security laws, regulations and standards (e.g. NIST, ISO 27001/27002, PCI DSS, GDPR, SSAE 16, CIS Critical Security Controls) and accepted information security principles and best practices
  • Proven success in managing large and complex security programs in multi-tiered environments
  • Excellent communication and influencing skills including the ability to simplify key messages, present compelling stories and promote technical and personal credibility with internal and external executives, and both technical and non-technical audiences
  • Experience with forecasting and financial management
  • Preferred Certifications - CISSP, CISA, CISM

Benefits at Gap Inc.

  • Merchandise discount for our brands: 50% off regular-priced merchandise at Gap, Banana Republic and Old Navy, 30% off at Outlet and 25% off at Athleta for all employees.
  • One of the most competitive Paid Time Off plans in the industry.*
  • Employees can take up to five “on the clock” hours each month to volunteer at a charity of their choice.*
  • Extensive 401(k) plan with company matching for contributions up to four percent of an employee’s base pay.*
  • Employee stock purchase plan.*
  • Medical, dental, vision and life insurance.*
  • See more of the benefits we offer.

*For eligible employees

Gap Inc. is an equal-opportunity employer and is committed to providing a workplace free from harassment and discrimination. We are committed to recruiting, hiring, training and promoting qualified people of all backgrounds, and make all employment decisions without regard to any protected status. We have received numerous awards for our long-held commitment to equality and will continue to foster a diverse and inclusive environment of belonging. This year, we’ve been named as one of the Best Places to Work by the Humans Rights Campaign for the fourteenth consecutive year and have been included in the 2019 Bloomberg Gender-Equality Index for the second year in a row.


We’ll send you to our application portal to get started

Browse all jobs

Recently Viewed