Security Governance Risk & Compliance Analyst at BigCommerce

Austin
Sorry, this job was removed at 1:39 p.m. (CST) on Tuesday, September 24, 2019

BigCommerce is disrupting the e-commerce industry as the SaaS leader for fast-growing, mid-market businesses. We enable our customers to build intuitive and engaging stores to support every stage of their growth.

Security Governance Risk & Compliance (GRC) Analyst 

Do you love challenges? Are you passionate about security and love implementing regulatory standards? Does educating and communicating the benefits of a systematic approach to a security program interest you? Do you want to be at the edge of learning new technologies, cloud frameworks and integrations? Do you feel like contributing to a common goal and being part of a group of people who work together with respect, mutual support and clear strategic goals? Then the BigCommerce Governance Risk Compliance & InfoSec team is calling. The number one thing our customers care about is Information Security. The person who accepts this challenge will be able to make a large impact on the maturity of our Information Security Management System. In this role, you’ll be helping guide the work to make BigCommerce a shining example of security best practices.

The work involves supporting our compliance programs, working with our teams to implement risk improvement processes and projects. BigCommerce is committed to being a leader in Information Security in the e-commerce space. Your skills and your passion for protecting data and ensuring compliance will be a large factor in BigCommerce’s future success.

What you’ll do:

  • Function as a representative of Information Security leading by example, being diplomatic yet firm, fair, flexible and consistent in deploying industry-standard information security best practices and applicable laws, regulations, and policies.
  • Assisting in evaluating the design and operating effectiveness of the BC Integrated Secure Controls Framework (BC SCF) built from industry standards such as NIST, ISO 27001, and PCI DSS around technology controls, including, but not limited to, Software Development Lifecycle (SDLC), Logical Security, Data interfaces, availability/redundancy, and Cyber / Info security.
  • Preparing supporting evidence and documenting test plans that clearly describe the audit procedures performed, results of testing and conclusions reached for various processes.
  • Designing technology diagrams detailing the systems and their dependencies during the audit process.
  • Assisting with the Department’s data collection and analytics efforts and Internal Audit report preparation.
  • Assisting in the development and tracking of control recommendations for corrective action/improvement. 
  • Work with Internal business units including engineering stakeholders to identify and continuously improve departmental practices.
  • Operationalizing security controls from the BCSCF into the day-to-day operations of our engineering teams and having fun while doing it.
  • Monitor and demonstrate compliance with organizational policies and practices, as evidenced by strong quality assurance results, and strong performance within standards and related metrics.
  • Stay abreast of current issues and obtain continuing education and training.
  • Participate in special projects and perform other duties as requested.
  • Interact with internal organizations to provide effective risk and control advice, maintaining active communication to enhance risk and control awareness and manage expectations.
  • Provide data analysis support for ongoing compliance monitoring
  • Maintain up-to-date knowledge about audit controls and techniques
  • Utilize innovative ideas and tools to enhance operational effectiveness
  • Evaluate and recommend improvements to business practices, processes, and controls

Who You Are:

  • 2-4 years of relevant experience in a technology environment.
  • Experience with translating business requirements into project implementation plans and validation, including user acceptance testing.
  • Knowledge of engineering principles and common frameworks.
  • Knowledge of network-based services, client/server applications, cloud-based and virtualized environments, mobile applications, enterprise systems and infrastructure, network architecture, and security infrastructure.
  • Passion for process improvement and removing friction from systems.
  • Direct experience with audit and compliance frameworks, e.g., ISO 27001, 2007:2017, PCI, etc.
  • Background in IT hardware/software concepts and processes used within the business, covering
    • Core security concepts
    • Cloud-based services
    • Windows and Linux operating systems
    • Open-source ecosystem (databases, applications, etc.)
  • Experience with auditors and the evidence collection process
  • Experience with the design and testing of IT security controls in a managed hosting and/or Software-as-a-Service environment
  • Experience in building relationships across business functions, locations, and technical stakeholders.
  • Self-direction, attention to detail with a passion to solve practical problems while dealing with a number of variables.
  • Ability to present ideas/solutions and communicate clearly, concisely, and accurately with others at all levels of the organization.
  • Experience in reading the culture of a company, adjusting your style and adapting as needed.
  • Collaborative, upbeat work ethic where you both take ownership and have fun.
  • Able to meet deliverables and drive your work to completion within specified timelines.
  • Great verbal and written communication skills.

Diversity & Inclusion at BigCommerce
We have the opportunity to build not only a great business, but a great company, with soul. Our beliefs and commitment to diversity and inclusion are a central part of achieving that.

Our dedication to diversity and inclusion is grounded in two things: a moral belief in the dignity, value, and potential of every individual, and a practical belief that diverse, inclusive teams will create the best outcomes for our customers, partners, employees, and company. We welcome everyone to be a part of our journey.


Technology we use

  • Languages: Golang, Java, JavaScript, Kotlin, PHP, Python, Ruby, Scala, SQL, Swift, Elixir, Erlang, Objective-C
  • Libraries: jQuery, React, Redux, Ajax
  • Frameworks: AngularJS, Backbone.js, Node.js, Ruby on Rails, Spring, jQuery
  • Databases: MongoDB
  • Analytics: Google Analytics
  • Design: Photoshop, Sketch, Adobe Creative Suite
  • Management: Asana, Confluence, JIRA
  • CMS: WordPress

Location

Our HQ is set amongst trees and nature trails in the beautiful hills of Austin. We also have a location downtown at 211 E 7th St Suite 500, 78701.

What are BigCommerce Perks + Benefits

Culture
Volunteer in local community
We encourage our employees to give back to our local communities through volunteer work. BigCommerce provides two paid Charity/Volunteering Leave days per calendar year to all permanent employees.
Partners with Nonprofits
Each year, the BC family partners with Partnerships for Children to help kids in the Austin area who have been taken from their homes and are living in protective custody during the holidays.
Friends outside of work
Eat lunch together
Intracompany committees
We empower employees to define our culture in the areas of Wellness, Community/Volunteering and Team Building through our BigCommerce Employee Resource Groups (ERGs).
Open door policy
Open office floor plan
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
National United HealthCare PPO & HDHP plan options with deductibles as low as $500, coverage up to 100% for in-network services and low monthly premiums
Life Insurance
Pet Insurance
Wellness Programs
Onsite Gym
Team workouts
Retirement & Stock Options Benefits
401(K)
Company Equity
Child Care & Parental Leave Benefits
Child Care Benefits
Subsidized placement services for child care.
Generous Parental Leave
Flexible Work Schedule
Family Medical Leave
Adoption Assistance
Return-to-work program post parental leave
Company sponsored family events
Vacation & Time Off Benefits
Generous PTO
Paid Volunteer Time
Paid Holidays
Paid Sick Days
Perks & Discounts
Beer on Tap
Casual Dress
Commuter Benefits
Company Outings
Game Room
Our game room includes Ping Pong, Pool Table, Foosball, Video Games.
Stocked Kitchen
Some Meals Provided
Happy Hours
Happy hours are hosted once per week.
Parking
Fitness Subsidies
Professional Development Benefits
Job Training & Conferences
Acme Co. offers employees professional development opportunities like onsite training courses and the ability to attend job-related conferences and seminars.
Tuition Reimbursement
Diversity Program
Lunch and learns
Cross functional training encouraged
Promote from within
Mentorship program
Career mentorship is available.
Continuing Education stipend
Online course subscriptions available
Customized development tracks

Additional Perks + Benefits

A free online store to help you live out your entrepreneurial dreams. Competitive compensation packages. Pet Insurance. Comprehensive health insurance coverage that starts on day one. Open vacation policy for salaried team members and generous accrued time off policy for hourly team members. Employee-driven team building activities like hackathons, paintball, rock climbing, social sports leagues, movie nights, river floats, etc. Peer to peer rewards and recognition program. Paid parental leave and adoption assistance for new parents. Employer-paid life insurance and disability coverage. Educational assistance for qualified pre- and post-grad courses.
