Gap Inc.
Sr Staff, Infosec Engineer - Selling Channel Security
Gap Inc., New York, New York, us, 10261
Sr Staff, Infosec Engineer - Selling Channel Security
Full time 55 Thomas Street, New York, NY, US 10013 We are seeking a Senior Staff IAM Engineer with deep expertise in designing identity and access management (IAM) solutions for APIs, customers, and microservices-based cloud environments. In this role, you will be responsible for architecting secure and scalable identity solutions that integrate seamlessly into our e-commerce platform. Your ability to collaborate, negotiate, and drive optimal security solutions with cross-functional teamsincluding architecture, DevSecOps, and product engineeringwill be key to success. What you'll do As a key member of the Product Security organization, you will be designing and implementing cutting-edge security solutions at scale. Design and Engineer repeatable processes/solutions and implementation of new technologies and tools across the enterprise technology footprint. Help drive technical and operational maturity from a security standpoint across all of Gap channels. Bring an automation-first mindset to drive productivity across all operational tasks. Work with Architects and Engineers to maintain accurate and reliable documentation of our network policy and design. Develop and implement IAM solutions for APIs, customers, and microservices in a cloud-native e-commerce environment. Design robust authentication and authorization mechanisms, including OAuth, OpenID Connect, JWT, and mutual TLS. Partner with DevSecOps teams to embed IAM best practices into CI/CD pipelines, automating identity governance and access controls. Define and enforce security policies for identity management across cloud platforms (AWS, Azure, or GCP). Requirement Qualifications and Skills Expertise in IAM & API Security: Proven experience designing IAM solutions for customer identity (CIAM), API security, and microservices authentication. Strong familiarity with common vulnerabilities and attack vectors across various industries retail, ecom, fintech etc. Cloud-Native IAM: Hands-on experience with AWS IAM, Azure AD, GCP IAM, or third-party identity providers (Okta, Ping Identity, Auth0, etc.). Deep Protocol Knowledge: Strong understanding of OAuth 2.0, OpenID Connect, SAML, JWT, and federation architectures. Microservices & DevSecOps: Experience integrating IAM solutions with containerized workloads (Kubernetes, Docker) and securing service-to-service communication. Programming & Automation: Familiarity with Terraform, CloudFormation, or other IaC tools for IAM automation. Scripting experience (Python, Bash, etc.) is a plus. Security Certifications (Preferred): CISSP, CCSP, AWS Security Specialty, Azure Security Engineer, or equivalent. Strong Communication & Negotiation Skills: Ability to engage with architects, developers, and security teams to align on optimal IAM strategies. Gap Inc. is an equal-opportunity employer and is committed to providing a workplace free from harassment and discrimination. We are committed to recruiting, hiring, training and promoting qualified people of all backgrounds, and make all employment decisions without regard to any protected status. We have received numerous awards for our long-held commitment to equality and will continue to foster a diverse and inclusive environment of belonging. In 2022, we were recognized by Forbes as one of the World's Best Employers and one of the Best Employers for Diversity. Salary Range: $174,400 - $231,200 USD Employee pay will vary based on factors such as qualifications, experience, skill level, competencies and work location. We will meet minimum wage or minimum of the pay range (whichever is higher) based on city, county and state requirements.
Full time 55 Thomas Street, New York, NY, US 10013 We are seeking a Senior Staff IAM Engineer with deep expertise in designing identity and access management (IAM) solutions for APIs, customers, and microservices-based cloud environments. In this role, you will be responsible for architecting secure and scalable identity solutions that integrate seamlessly into our e-commerce platform. Your ability to collaborate, negotiate, and drive optimal security solutions with cross-functional teamsincluding architecture, DevSecOps, and product engineeringwill be key to success. What you'll do As a key member of the Product Security organization, you will be designing and implementing cutting-edge security solutions at scale. Design and Engineer repeatable processes/solutions and implementation of new technologies and tools across the enterprise technology footprint. Help drive technical and operational maturity from a security standpoint across all of Gap channels. Bring an automation-first mindset to drive productivity across all operational tasks. Work with Architects and Engineers to maintain accurate and reliable documentation of our network policy and design. Develop and implement IAM solutions for APIs, customers, and microservices in a cloud-native e-commerce environment. Design robust authentication and authorization mechanisms, including OAuth, OpenID Connect, JWT, and mutual TLS. Partner with DevSecOps teams to embed IAM best practices into CI/CD pipelines, automating identity governance and access controls. Define and enforce security policies for identity management across cloud platforms (AWS, Azure, or GCP). Requirement Qualifications and Skills Expertise in IAM & API Security: Proven experience designing IAM solutions for customer identity (CIAM), API security, and microservices authentication. Strong familiarity with common vulnerabilities and attack vectors across various industries retail, ecom, fintech etc. Cloud-Native IAM: Hands-on experience with AWS IAM, Azure AD, GCP IAM, or third-party identity providers (Okta, Ping Identity, Auth0, etc.). Deep Protocol Knowledge: Strong understanding of OAuth 2.0, OpenID Connect, SAML, JWT, and federation architectures. Microservices & DevSecOps: Experience integrating IAM solutions with containerized workloads (Kubernetes, Docker) and securing service-to-service communication. Programming & Automation: Familiarity with Terraform, CloudFormation, or other IaC tools for IAM automation. Scripting experience (Python, Bash, etc.) is a plus. Security Certifications (Preferred): CISSP, CCSP, AWS Security Specialty, Azure Security Engineer, or equivalent. Strong Communication & Negotiation Skills: Ability to engage with architects, developers, and security teams to align on optimal IAM strategies. Gap Inc. is an equal-opportunity employer and is committed to providing a workplace free from harassment and discrimination. We are committed to recruiting, hiring, training and promoting qualified people of all backgrounds, and make all employment decisions without regard to any protected status. We have received numerous awards for our long-held commitment to equality and will continue to foster a diverse and inclusive environment of belonging. In 2022, we were recognized by Forbes as one of the World's Best Employers and one of the Best Employers for Diversity. Salary Range: $174,400 - $231,200 USD Employee pay will vary based on factors such as qualifications, experience, skill level, competencies and work location. We will meet minimum wage or minimum of the pay range (whichever is higher) based on city, county and state requirements.