Sr. IT Security Engineer Job Listing at Gap Inc. in SAN FRANCISCO, CA

Retail

Title: Sr. IT Security Engineer
Location: US-CA-SAN FRANCISCO
Other Locations:
The IT Security Engineer works as a member of the IT Security-Technical Solutions team. The IT Security-Technical Solutions(‘STS’) team is part of Gap’s Enterprise IT Security organization, working closely with application development, networking, and operations groups across the Gap enterprise to ensure that new and existing applications are implemented in a manner that assures protection of Gap’s information assets, while maintaining compliance with Gap, Inc., IT Security Policies, Standards, and Procedures.

The STS team of engineers serves as a Subject Matter Expert (SME) in security for enterprise projects within Gap Inc., providing research, expert advice, and direction on security technologies throughout the Gap enterprise.

The Security Engineer has direct responsibility for working with the IT Security Architect, IT infrastructure teams, and IT project teams in developing security solutions and assessments for IT solutions deployed across the enterprise and stores infrastructure.
Responsibilities

• Serve as a Subject Matter Expert (SME) in security for enterprise projects during development phases, to provide IT Security consulting and recommendations, ensuring the implementation of approved security designs.
• As project engineer, work with business partners to implement the overall solution architecture, and provide technical leadership during the design, development, and testing phase of major initiatives.
• Work with IT Security product vendors and service providers, to evaluate potential security offerings, including product evaluations, pilots and proof of concept installations.
• Responsible for the delivery of system context, technical infrastructure, and sequence flow diagrams in addition to authoring security design documents for delivery to IT and business management.
• Support the implementation and enforcement of security and design principles according to the policies, standards, and procedures of Gap Inc.
• Research and present trade” documents, vulnerability and risk assessments to the Manager, Enterprise IT Security Engineering.

• Bachelor's degree or equivalent combination of education and experience; Bachelor's degree in computer science or related field, preferred.
• CISSP, GIAC or CISM certification, preferred.
• 5-8 years of documented security engineering experience, including experience with encryption, intrusion detection, network security, multiple operating systems (Windows, UNIX, Linux, etc.), and directory services (Active Directory, LDAP).
• Broad IT experience providing an understanding of issues that impact IT security, such as networking, messaging systems, directory services, database management tools, major applications such as MS Office suite, PeopleSoft, etc.
• Detailed knowledge and understanding of the Payment Card Industry (PCI) data security standards (PCI DSS) and the payment application data security standards (PA DSS) as well as experience in the implementation of controls to mitigate PCI issues.
• Advanced working knowledge of Unix & Linux operating systems
• In-depth knowledge of information security risks and counter-measures for Windows and Unix/Linux platforms
• Experience with multi-national large-scale enterprises.
• Experienced in leading the implementation of multiple large, multi-platform security initiatives.
• Demonstrate the strong communication skills required to discuss and present complex engineering principles and issues to both technical and non-technical business leadership and to write concise proposals and documentation.
• Must be resourceful, creative, innovative, results driven, and adaptable