This job is no longer active - but you can still view the details below.

Senior Security Governance Risk & Compliance Analyst

Austin

BigCommerce is disrupting the e-commerce industry as the SaaS leader for fast-growing, mid-market businesses. We enable our customers to build intuitive and engaging stores to support every stage of their growth.

The number one thing our customers care about is Information Security. The person who accepts this challenge will be able to make a large impact on the maturity of our Information Security Management System. In this role, you’ll be helping guide the work to make BigCommerce a shining example of Cybersecurity best practices. The work involves our PCI DSS and ISO 27001 certification processes, working with our teams to implement risk improvement processes and projects.

BigCommerce is committed to being a leader in Information Security in the ecommerce space. Your skills and your passion for protecting data and ensuring compliance will be a large factor in BigCommerce’s future success.

What you’ll do:

  • Assist the Governance Risk and Compliance Manager with maintaining the BC Information Security Management System (ISMS); developing policies, procedures and security standards
  • Monitor compliance with regulatory requirements such as PCI DSS, ISO 2700X, CSTAR and liaise with business stakeholders (IT, Product & Engineering, Sales, Marketing, Human Resources etc.) to ensure organizational compliance
  • Perform InfoSec risk and control assessments and report on risks to risk owners, recommend mitigation strategies and manage risks through their lifecycle
  • Perform scheduled audit and compliance checks against organization policies, document and monitor compliance violations and control improvements
  • Build awareness and accountability around IT governance, risk, and compliance control functions
  • Articulate InfoSec risk into business terms while engaging with stakeholders, product owners, and software engineers
  • Monitor and track exception to policies (ETP) while collaborating with the security operations team to develop and maintain a dynamic and real-time enterprise Risk Register and dashboard
  • Leverage technology to aggregate controls, risk and compliance information to rapidly identify and report exceptions
  • Serve as liaison to business units and third parties to create and/or provide feedback on items assigned or influenced by the team (e.g., InfoSec best practices, policy and procedure development, employee education and awareness, security exceptions, data privacy)
  • Define and deliver appropriate GRC metrics, key performance indicators (KPIs), analytics, and scorecards
  • Organize and lead GRC-related meetings and prepare meeting agendas and minutes

Who You Are:

  • Minimum 5 years of experience in IT and information security.
  • In-depth understanding of PCI DSS, ISO 2700x as well as industry security frameworks
  • Experience in financial services or an e-commerce environment and a good understanding of cloud models (SaaS, IaaS and PaaS) are definitely a strong asset
  • Advanced knowledge of risk assessment design and delivery
  • Knowledge of governance, risk and compliance systems
  • Excellent interpersonal and communication skills - oral and written (including listening and facilitation skills) to deal with a wide range of stakeholders
  • Good influencing skills and ability to adapt to a dynamic, rapidly changing business and technical environment
  • Strong analytical skills for defining strategy, operating model and mitigating potential issues with an effective change management plan
  • Ability to work independently
  • Ability to prioritize and multitask. Flexibility and adaptability in work approach.
  • Calmness and clarity of thought under pressure and ability to maintain confidentiality
  • Demonstrates team-oriented interpersonal skills; ability to effectively interface with a broad range of people and roles
  • Accept responsibility and personal accountability
  • Professional certifications such as CISSP, CCSP, CISA, CRISC, CISM are considered a plus

Diversity & Inclusion at BigCommerce

We have the opportunity to build not only a great business, but a great company, with soul. Our beliefs and commitment to diversity and inclusion are a central part of achieving that.

Our dedication to diversity and inclusion is grounded in two things: a moral belief in the dignity, value, and potential of every individual, and a practical belief that diverse, inclusive teams will create the best outcomes for our customers, partners, employees, and company. We welcome everyone to be a part of our journey.


Technology we use

  • Engineering
  • Product
    • Golang (Languages)
    • Javascript (Languages)
    • PHP (Languages)
    • Python (Languages)
    • Ruby (Languages)
    • Scala (Languages)
    • React (Libraries)
    • AngularJS (Frameworks)
    • Ruby on Rails (Frameworks)
    • MongoDB (Databases)
    • Google Analytics (Analytics)
    • Photoshop (Design)
    • Sketch (Design)
    • Adobe Creative Suite (Design)
    • Asana (Management)
    • Confluence (Management)
    • JIRA (Management)

Location

We're downtown at: 211 E 7th St Suite 500, Austin, TX 78701. We also have an amazing office in NW Austin: 11305 Four Points Drive, Austin TX 78726.

What are BigCommerce Perks + Benefits

Health Insurance & Wellness Benefits

  • Flexible Spending Account (FSA)
  • Disability Insurance
  • Dental Benefits
  • Vision Benefits
  • Health Insurance Benefits
  • Life Insurance
  • Pet Insurance
  • Onsite Gym

Retirement & Stock Options Benefits

  • 401(K)
  • Company Equity

Child Care & Parental Leave Benefits

  • Generous Parental Leave
  • Family Medical Leave
  • Adoption Assistance

Vacation & Time Off Benefits

  • Unlimited Vacation Policy
  • Paid Volunteer Time
  • Paid Holidays
  • Paid Sick Days

Perks & Discounts

  • Casual Dress
  • Commuter Benefits
  • Company Outings
  • Game Room
  • Stocked Kitchen
  • Happy Hours
  • Parking
  • Fitness Subsidies

Professional Development Benefits

  • Tuition Reimbursement
  • Diversity Program

Additional Perks + Benefits

A free online store to help you live out your entrepreneurial dreams. Competitive compensation packages. Pet Insurance. Comprehensive health insurance coverage that starts on day one. Open vacation policy for salaried team members and generous accrued time off policy for hourly team members. Employee-driven team building activities like hackathons, paintball, rock climbing, social sports leagues, movie nights, river floats, etc. Peer to peer rewards and recognition program. Paid parental leave and adoption assistance for new parents. Employer-paid life insurance and disability coverage. Educational assistance for qualified pre- and post-grad courses.
