Logo
Gap Inc.

Sr Staff, Infosec Engineer - Selling Channel Security

Gap Inc., California

Save Job

About the Role

We are seeking a Senior Staff IAM Engineer with deep expertise in designing identity and access management (IAM) solutions for APIs, customers, and microservices-based cloud environments. In this role, you will be responsible for architecting secure and scalable identity solutions that integrate seamlessly into our e-commerce platform. Your ability to collaborate, negotiate, and drive optimal security solutions with cross-functional teams—including architecture, DevSecOps, and product engineering—will be key to success.

What You'll Do

What you’ll do

  • Design and implement security solutions at scale as a key member of the Product Security organization.
  • Create repeatable processes and solutions, and implement new technologies and tools across the enterprise.
  • Drive technical and operational maturity from a security perspective across all channels.
  • Adopt an automation-first mindset to enhance productivity across operational tasks.
  • Collaborate with Architects and Engineers to maintain accurate network policy and design documentation.
  • IAM Architecture & Design: Develop and implement IAM solutions for APIs, customers, and microservices in a cloud-native e-commerce environment.
  • API Security: Design authentication and authorization mechanisms using OAuth, OpenID Connect, JWT, and mutual TLS.
  • DevSecOps Integration: Work with DevSecOps teams to embed IAM best practices into CI/CD pipelines, automating identity governance and access controls.
  • Cloud Security & IAM Governance: Define and enforce security policies for identity management across cloud platforms such as AWS, Azure, or GCP.

Requirement Qualifications and Skills

  • Expertise in IAM & API Security: Proven experience designing IAM solutions for CIAM, API security, and microservices authentication. Familiarity with vulnerabilities and attack vectors across industries like retail, e-commerce, fintech, etc.
  • Cloud-Native IAM: Hands-on experience with AWS IAM, Azure AD, GCP IAM, or third-party providers like Okta, Ping Identity, Auth0, etc.
  • Deep Protocol Knowledge: Strong understanding of OAuth 2.0, OpenID Connect, SAML, JWT, and federation architectures.
  • Microservices & DevSecOps: Experience integrating IAM with containerized workloads (Kubernetes, Docker) and securing service-to-service communication.
  • Programming & Automation: Familiarity with IaC tools like Terraform, CloudFormation, and scripting languages such as Python or Bash.
  • Security Certifications (Preferred): CISSP, CCSP, AWS Security Specialty, Azure Security Engineer, or equivalent.
  • Strong Communication & Negotiation Skills: Ability to engage with architects, developers, and security teams to align IAM strategies.

Who You Are

#J-18808-Ljbffr