Sr Staff Infosec Engineer

About the Role

We are seeking for an experienced Compliance specialist part of the GAP Inc’s Cyber Security team. In this role, you will be responsible for strategizing and protecting organization’s information and data. You will build relationships and collaborate with senior members of technical and product teams to understand the technical & business context around applications and processes and influence decisions around improving the security and compliance state of the organization

What You'll Do

• Operations teams to ensure comprehensive compliance efforts
• Ensure compliance with PCI DSS, SOX, and other relevant regulations and standards
• Develop and implement TPRM frameworks to assess and mitigate risks associated with third-party vendors
• Conduct comprehensive risk assessments to identify, evaluate, and address potential compliance and security risks
• Create and enforce policies and procedures to ensure compliance with regulatory requirements
• Lead internal and external audits, ensuring all compliance requirements are met and documented
• Manage and respond to compliance-related incidents, including investigation and remediation
• Educate employees and third-party vendors on compliance requirements and best practices
• Prepare and present compliance reports to senior management and regulatory bodies
• Continuously monitor and improve compliance processes to adapt to changing regulations and business needs
• Work closely with other departments to integrate compliance measures into all aspects of the organization

Who You Are

• Minimum of 12 years in compliance management, with a strong background in PCI DSS, SOX, TPRM, and risk management
• Proficiency in compliance tools and technologies, including risk assessment and management frameworks
• Relevant certifications such as CISA, CISM, CRISC, or equivalent
• Strong analytical and problem-solving skills to identify and mitigate compliance risks.
• Excellent verbal and written communication skills to effectively convey compliance concepts to non-technical stakeholders
• Demonstrated leadership abilities with experience in mentoring a team
• Bachelor s degree in related filed, to include computer science, or equivalent combination of education and experience
• Keen attention to detail to ensure thorough and accurate compliance assessments and implementations
• Ability to adapt to rapidly changing regulatory landscapes and emerging compliance requirements
• High ethical standards and integrity in handling sensitive compliance matters

Competencies:

• Leads with a Growth Mindset.
• Cultivates a Trusting Environment.
• Drives what Matters.

Works with a 'One Team' Approach