Sr Staff – Infosec Engineer - Security Architecture

Sr Staff – Infosec Engineer – Security Architecture

Company	GAP
Location	San Francisco, CA, USA, New York, NY, USA
Salary	$Not Provided – $Not Provided
Type	Full-Time
Degrees
Experience Level	Expert or higher

Senior Infosec engineer with 10+ experience working as security architect or security partner with development teams.
Strong technical knowledge and understanding of modern web application technologies such as React, Node.js, APIs, OAuth, etc. and cloud infrastructure technologies such as Azure, GCP, Kubernetes, etc.
Strong technical knowledge and understanding of data engineering platforms like Databricks and BigQuery.
Proficiency and a deep understanding of risks and securing Generative AI and machine learning frameworks.
Expert in AI and large language models (LLMs), with a proven track record of integrating and securing these technologies within organizations.
Strong problem-solving skills and ability to perform technical analysis at both a high and low level of detail.
Effective written and verbal communication skills with the ability to collaborate and interact across teams and at varying levels of management.
Strong negotiation skills to influence decisions while working with senior technical architects and business leads.
Ability to filter, prioritize, and organize work appropriately to meet and exceed goals.
Aptitude to understand technical solutions and business processes quickly.

Perform comprehensive security reviews for all projects within GapTech, including threat modeling and designing secure-by-default solutions.
Develop and maintain deep relationships with various teams delivering products within Gap Inc including product and engineering leaders to ensure security is built in from the start.
Act as a key stakeholder and subject matter expert in decisions around maximum allowable risk.
Collaborate with senior technical and product leads to assess project risks and necessary security investments.
Work closely with teams to understand dev practices and technologies to build and recommend appropriate security controls.
Create security policies and standards and enforce them.
Assess and communicate potential security risks and make recommendations to stakeholders and leadership.
Collaborate and partner with other Infosec teams to incorporate feedback early in the application lifecycle.
Stay current with the latest security trends and develop industry expertise to ensure the company’s applications and data remain secure.
Provide training and education to developers and business teams on security best practices.

No preferred qualifications provided.