• Job Description

  Req#: R202449

  About the Role

  Build security into every release—and grow into leadership with full support.
  
  You’ll design the pipelines, tools, and guardrails that let developers ship fast and safe. From day one, you’ll own high-impact decisions on automation, cloud infrastructure, and security strategy—trusted with autonomy and backed with mentorship to reach your next career level.
  
  You’ll go deep technically while gaining visibility across engineering, product, and leadership. You’ll drive how applications move from code to production—integrating security into CI/CD, shaping cloud architecture, and setting standards teams rely on. As you embed yourself with squads, you’ll build the influence to lead initiatives, not just implement them.
  
  Your work will secure more than systems—it will shape how the business delivers software with confidence. You’ll work across multiple clouds (Azure, GCP), modern CI/CD platforms, and the latest security tooling—covering everything from runtime protection to code scanning—staying sharp through continuous learning and real-world challenges.
  
  Every win builds your leadership track record.

  What You'll Do

  • Designing and operating secure CI/CD pipelines with automated testing, SAST/DAST scanning, dependency checks, and secrets detection
  • Implementing and tuning cloud security tools to monitor posture, runtime, and code security, ensuring continuous compliance and risk reduction
  • Driving API security best practices and runtime protection across services and microservices
  • Building and maintaining cloud infrastructure security controls using Terraform, Kubernetes, and container security best practices
  • Embedding security into development workflows by partnering directly with product and engineering teams
  • Monitoring vulnerabilities, triaging incidents, and driving rapid response across services and environments
  • Setting policies and standards that balance speed of delivery with strong security posture

  Who You Are

  • Strong problem-solving skills with both strategic and hands-on depth in DevOps or security engineering
  • Experience with CI/CD tools (GitHub Actions, Jenkins, or similar) and at least one scripting language (Python, Bash, Go, etc.)
  • Solid understanding of cloud security concepts (IAM, network segmentation, secrets management) across Azure or GCP
  • Hands-on familiarity with cloud security platforms such as Prisma Cloud and endpoint protection solutions like CrowdStrike for posture, runtime, and code analysis
  • Experience implementing API security controls and embedding security practices throughout the software development lifecycle
  • Confidence communicating security priorities with developers, stakeholders, and executives
  • Background in Computer Science, Security, or equivalent practical experience

• About the company

  Gap Inc. is the largest specialty retailer in the United States, and is 3rd in total international locations, behind Inditex Group and H&M. As of September 2008, the company has approximately 135,000 employees and operates 3,727 stores worldwide, of which 2,406 are located in the U.S.

Notice