About the Role In this role, you will be part of the Security Architecture team within Product Security. Product Security is responsible for the security of applications from conception to steady state. Security Architecture focuses on secure design, threat modeling, and serving as the Security Partner for product teams. You will build relationships and collaborate with leaders, architects, and senior members of technical and product teams to understand the technical and business context of applications and processes, influencing decisions around risk and security. What You'll Do Perform comprehensive security reviews for all projects within GapTech, including threat modeling and designing secure-by-default solutions. Develop and maintain relationships with teams delivering products within Gap Inc, including product and engineering leaders, to ensure security is integrated from the start. Act as a stakeholder and subject matter expert in decisions regarding maximum allowable risk. Collaborate with senior technical and product leads to assess project risks, required investments, and security controls. Work with teams to understand their development practices and technologies, and recommend appropriate security controls. Create and enforce security policies and standards. Assess potential security risks, communicate findings, and make recommendations to stakeholders and leadership. Partner with other Infosec teams to incorporate security feedback early and influence processes. Stay current with security trends and threats, and incorporate industry expertise into your work to protect applications and data. Provide training and education on security best practices to developers and business teams. Who You Are Senior Infosec engineer with 10+ years of experience as a security architect or security partner, or a senior developer pivoting to Infosec with relevant experience. Strong knowledge of modern web application technologies (React, Node.js, APIs, OAuth, etc.) and cloud infrastructure (Azure, GCP, Kubernetes, etc.). Experience with data engineering platforms like Databricks and BigQuery, and securing AI and machine learning frameworks, including Generative AI and LLMs. Proven expertise in AI and LLM security, integrating and securing these technologies within organizations. Excellent problem-solving skills and ability to analyze complex situations and data. Effective communication skills, capable of explaining technical concepts clearly across teams and management levels. Strong negotiation skills for influencing decisions with technical architects and business leads. Ability to prioritize and organize work effectively to meet goals. Quick understanding of technical solutions and business processes.

#J-18808-Ljbffr