Job Description

Costco IT is responsible for the technical future of Costco Wholesale, the third largest retailer in the world with wholesale operations in fourteen countries. Despite our size and explosive international expansion, we continue to provide a family, employee centric atmosphere in which our employees thrive and succeed. As proof, Costco ranks seventh in Forbes \xe2\x80\x9cWorld\xe2\x80\x99s Best Employers\xe2\x80\x9d.

This is an environment unlike anything in the high-tech world and the secret of Costco\xe2\x80\x99s success is its culture. The value Costco puts on its employees is well documented in articles from a variety of publishers including Bloomberg and Forbes. Our employees and our members come FIRST. Costco is well known for its generosity and community service and has won many awards for its philanthropy. The company joins with its employees to take an active role in volunteering by sponsoring many opportunities to help others.

Come join the Costco Wholesale IT family. Costco IT is a dynamic, fast-paced environment, working through exciting transformation efforts. We are building the next generation retail environment where you will be surrounded by dedicated and highly professional employees.

Engineers have deep knowledge and hands-on experience in enterprise-wide platforms, and solve technical problems while working on technology initiatives. Engineers have strong architectural, leadership, and technical skills. They ensure delivery of high-quality artifacts, and adhere to and follow Costco\xe2\x80\x99s SDLC. Engineers interact in a highly effective manner with other team members and management, drive innovation, and influence delivery and performance.

Costco is seeking a Compliance Engineer to join our team. The ideal candidate will have experience creating, defining, and managing data-driven activities in large enterprise environments. The Compliance Engineer will work collaboratively with the wider GRC and InfoSec teams to define and create solutions for assuring compliance is understood, disseminated, and evangelized across the company as well as identify areas of opportunity to automate testing and data collection. The role will require good verbal and written skills and a willingness to learn.

If you want to be a part of one of the worldwide BEST companies \xe2\x80\x9cto work for\xe2\x80\x9d, simply apply and let your career be reimagined.

ROLE

\xe2\x97\x8f Automates, documents, shares, educates, delegates, and improves processes.

\xe2\x97\x8f Builds prototypes of potential features.

\xe2\x97\x8f Creates conceptual and detailed technical design documents and standards.

\xe2\x97\x8f Enhances automation of applications, systems, and platforms and identifies opportunities for streamlining, and continuous process improvement.

\xe2\x97\x8f Collaborates with architects to plan, design, implement, and improve new capabilities, enhancements, solutions and/or platforms.

\xe2\x97\x8f Applies knowledge to practical and sustainable applications and capabilities.

\xe2\x97\x8f Contributes, interprets, and communicates enterprise, technical, project, and operational strategies to the team.

\xe2\x97\x8f Ensures that proposed and existing systems are aligned with organizational standards, goals, and objectives.

\xe2\x97\x8f Formulates and directs activities that align short term goals and long-term initiatives while providing accurate and timely estimates of work breakdown schedules.

\xe2\x97\x8f Influences and drives adoption of best practices and high-quality standards throughout the division.

\xe2\x97\x8f Integrates diverse solution components across multiple platforms using industry standard interfaces.

\xe2\x97\x8f Tests and resolves problems, performs root cause analysis, identifies gaps, recommends solutions and preventative measures, and leads team members to solution delivery plans.

\xe2\x97\x8f Runs proof of concepts and uses diagnostic/debugging skills to solve current challenges in multi-platform systems

\xe2\x97\x8f Provides leadership/mentoring to team members, implements development efficiencies, creates appropriate. documentation, drives operational efficiencies and technical growth within the team, and supports the release model

\xe2\x97\x8f Optimizes team efficiency and performance through high level technical direction.

\xe2\x97\x8f Presents technical designs and solutions to executives, management, and other audiences to gain consensus and/or project approval.

\xe2\x97\x8f Serves as a subject matter expert for governance and compliance frameworks for IT and business process regulations and requirements.

\xe2\x97\x8f Acts as a stakeholder in execution of risk management and data compliance corporate initiatives across the business.

\xe2\x97\x8f Promotes, supports, and evangelizes a culture of compliance, risk avoidance/mitigation and corporate accountability throughout the organization.

\xe2\x97\x8f Manages the business relationships with internal and external auditors/assessors.

\xe2\x97\x8f Develops and executes creation of the compliance program and drives maturity.

\xe2\x97\x8f Reviews data, designs, and network and data flows to identify compliance concerns or opportunities to improve control implementation.

\xe2\x97\x8f Supports long-term design and operational work efforts to validate and drive control alignment and requirements.

\xe2\x97\x8f Defines and maps common compliance controls and implements them in the GRC tool.

\xe2\x97\x8f Ensures regulatory and industry requirements are correctly mapped in common compliance controls.

\xe2\x97\x8f Coordinates with Information Security Teams to review new projects and programs to ensure compliance.

\xe2\x97\x8f Identifies control requirements, pass conditions, and evidence needs for common compliance controls.

\xe2\x97\x8f Identifies areas of opportunity to automate evidence collection as well as providing feedback on areas of opportunity for control streamlining; implements automation opportunities.

\xe2\x97\x8f Logs identified issues, concerns, audit findings, and exceptions into the database, works with teams to ensure draft solutions meet compliance requirements.

\xe2\x97\x8f Prepares automated reports to showcase current compliance state and summarizes measurement data and trends.

\xe2\x97\x8f Participates in the development and update of IT policies and standards, ensures alignment with known regulatory requirements, identifies areas lacking controls coverage, and validates exceptions.

\xe2\x97\x8f Represents compliance with IT teams to translate and support ability to meet updated policies, standards, controls, and/or regulatory requirements. Drives updating existing processes to meet new requirements.

\xe2\x97\x8f Leads the evaluation and implementation of other new compliance solutions and technologies.

\xe2\x97\x8f Participates in lines of business and enterprise cross functions compliance strategic planning.

REQUIRED

\xe2\x97\x8f 5+ years\xe2\x80\x99 experience in a compliance or GRC team.

\xe2\x97\x8f Deep understanding in all aspects of risk management, data compliance, information privacy strategy, technologies and tools.

\xe2\x97\x8f Demonstrated leadership skills with ability to work effectively at executive levels. Working knowledge of Information Security best practices, policies, standards, and baselines, including industry standards and guidelines from ISO 27001/27002, NIST, CIS, and OWASP.

\xe2\x97\x8f Technical working experience/knowledge of operating systems, databases, web applications, middleware, and other computing devices/software components.

\xe2\x97\x8f Experience in computer software or computer networking.

\xe2\x97\x8f Strong analytical, problem-solving, and critical-thinking skills.

\xe2\x97\x8f Strong communication skills and attention to detail.

Recommended

\xe2\x97\x8f Compliance and security certifications preferred (e.g., Security+, GCIA, GCIH, CISSP, CEH, CCSP, CISA, CISM, etc.).

\xe2\x97\x8f Ability to work with cross-business and cross-functional teams in a geographically distributed environment.

\xe2\x97\x8f Ability to work independently, as well as part of the team.

\xe2\x97\x8f Ability to conduct root cause analysis against identified controls gaps and aid in solutioning, process creation.

\xe2\x97\x8f Ability to examine issues both strategically and analytically.

\xe2\x97\x8f Ability to work on multiple, simultaneous initiatives.

\xe2\x97\x8f Bachelor\xe2\x80\x99s degree in Information Security, Computer Science, or equivalent experience.

\xe2\x97\x8f Ability to research.

Required Documents

\xe2\x97\x8f Cover Letter

\xe2\x97\x8f Resume

California applicants, please click to review the Costco Applicant Privacy Notice.

Pay Ranges:

Level 2 - $145,000- $175,000, Bonus and Restricted Stock Unit (RSU) eligible

Level 3 - $165,000 - $195,000, Bonus and Restricted Stock Unit (RSU) eligible

Level 4 - $185,000 - $220,000, Bonus and Restricted Stock Unit (RSU) eligible

We offer a comprehensive package of benefits including paid time off, health benefits - medical/dental/vision/hearing aid/pharmacy/behavioral health/employee assistance, health care reimbursement account, dependent care assistance plan, short-term disability and long-term disability insurance, AD&D insurance, life insurance, 401(k), stock purchase plan to eligible employees.

Costco