Job Description

Costco IT is responsible for the technical future of Costco Wholesale, the third largest retailer in the world with wholesale operations in fourteen countries. Despite our size and explosive international expansion, we continue to provide a family, employee centric atmosphere in which our employees thrive and succeed. As proof, Costco ranks seventh in Forbes Worlds Best Employers.

This is an environment unlike anything in the high-tech world and the secret of Costcos success is its culture. The value Costco puts on its employees is well documented in articles from a variety of publishers including Bloomberg and Forbes. Our employees and our members come FIRST. Costco is well known for its generosity and community service and has won many awards for its philanthropy. The company joins with its employees to take an active role in volunteering by sponsoring many opportunities to help others.

Come join the Costco Wholesale IT family. Costco IT is a dynamic, fast-paced environment, working through exciting transformation efforts. We are building the next generation retail environment where you will be surrounded by dedicated and highly professional employees.

Engineers have deep knowledge and hands-on experience in enterprise-wide platforms, and solve technical problems while working on technology initiatives. Engineers have strong architectural, leadership, and technical skills. They ensure delivery of high-quality artifacts, and adhere to and follow Costcos SDLC. Engineers interact in a highly effective manner with other team members and management, drive innovation, and influence delivery and performance.

Costco is seeking a Compliance Engineer to join our team. The ideal candidate will have experience creating, defining, and managing data-driven activities in large enterprise environments. The Compliance Engineer will work collaboratively with the wider GRC and InfoSec teams to define and create solutions for assuring compliance is understood, disseminated, and evangelized across the company as well as identify areas of opportunity to automate testing and data collection. The role will require good verbal and written skills and a willingness to learn.

If you want to be a part of one of the worldwide BEST companies to work for, simply apply and let your career be reimagined.

ROLE

Automates, documents, shares, educates, delegates, and improves processes.

Builds prototypes of potential features.

Creates conceptual and detailed technical design documents and standards.

Enhances automation of applications, systems, and platforms and identifies opportunities for streamlining, and continuous process improvement.

Collaborates with architects to plan, design, implement, and improve new capabilities, enhancements, solutions and/or platforms.

Applies knowledge to practical and sustainable applications and capabilities.

Contributes, interprets, and communicates enterprise, technical, project, and operational strategies to the team.

Ensures that proposed and existing systems are aligned with organizational standards, goals, and objectives.

Formulates and directs activities that align short term goals and long-term initiatives while providing accurate and timely estimates of work breakdown schedules.

Influences and drives adoption of best practices and high-quality standards throughout the division.

Integrates diverse solution components across multiple platforms using industry standard interfaces.

Tests and resolves problems, performs root cause analysis, identifies gaps, recommends solutions and preventative measures, and leads team members to solution delivery plans.

Runs proof of concepts and uses diagnostic/debugging skills to solve current challenges in multi-platform systems

Provides leadership/mentoring to team members, implements development efficiencies, creates appropriate. documentation, drives operational efficiencies and technical growth within the team, and supports the release model

Optimizes team efficiency and performance through high level technical direction.

Presents technical designs and solutions to executives, management, and other audiences to gain consensus and/or project approval.

Serves as a subject matter expert for governance and compliance frameworks for IT and business process regulations and requirements.

Acts as a stakeholder in execution of risk management and data compliance corporate initiatives across the business.

Promotes, supports, and evangelizes a culture of compliance, risk avoidance/mitigation and corporate accountability throughout the organization.

Manages the business relationships with internal and external auditors/assessors.

Develops and executes creation of the compliance program and drives maturity.

Reviews data, designs, and network and data flows to identify compliance concerns or opportunities to improve control implementation.

Supports long-term design and operational work efforts to validate and drive control alignment and requirements.

Defines and maps common compliance controls and implements them in the GRC tool.

Ensures regulatory and industry requirements are correctly mapped in common compliance controls.

Coordinates with Information Security Teams to review new projects and programs to ensure compliance.

Identifies control requirements, pass conditions, and evidence needs for common compliance controls.

Identifies areas of opportunity to automate evidence collection as well as providing feedback on areas of opportunity for control streamlining; implements automation opportunities.

Logs identified issues, concerns, audit findings, and exceptions into the database, works with teams to ensure draft solutions meet compliance requirements.

Prepares automated reports to showcase current compliance state and summarizes measurement data and trends.

Participates in the development and update of IT policies and standards, ensures alignment with known regulatory requirements, identifies areas lacking controls coverage, and validates exceptions.

Represents compliance with IT teams to translate and support ability to meet updated policies, standards, controls, and/or regulatory requirements. Drives updating existing processes to meet new requirements.

Leads the evaluation and implementation of other new compliance solutions and technologies.

Participates in lines of business and enterprise cross functions compliance strategic planning.

REQUIRED

5+ years experience in a compliance or GRC team.

Deep understanding in all aspects of risk management, data compliance, information privacy strategy, technologies and tools.

Demonstrated leadership skills with ability to work effectively at executive levels. Working knowledge of Information Security best practices, policies, standards, and baselines, including industry standards and guidelines from ISO 27001/27002, NIST, CIS, and OWASP.

Technical working experience/knowledge of operating systems, databases, web applications, middleware, and other computing devices/software components.

Experience in computer software or computer networking.

Strong analytical, problem-solving, and critical-thinking skills.

Strong communication skills and attention to detail.

Recommended

Compliance and security certifications preferred (e.g., Security+, GCIA, GCIH, CISSP, CEH, CCSP, CISA, CISM, etc.).

Ability to work with cross-business and cross-functional teams in a geographically distributed environment.

Ability to work independently, as well as part of the team.

Ability to conduct root cause analysis against identified controls gaps and aid in solutioning, process creation.

Ability to examine issues both strategically and analytically.

Ability to work on multiple, simultaneous initiatives.

Bachelors degree in Information Security, Computer Science, or equivalent experience.

Ability to research.

Required Documents

Cover Letter

Resume

California applicants, please click to review the Costco Applicant Privacy Notice.

Pay Ranges:

Level 2 - $145,000- $175,000, Bonus and Restricted Stock Unit (RSU) eligible

Level 3 - $165,000 - $195,000, Bonus and Restricted Stock Unit (RSU) eligible

Level 4 - $185,000 - $220,000, Bonus and Restricted Stock Unit (RSU) eligible

We offer a comprehensive package of benefits including paid time off, health benefits - medical/dental/vision/hearing aid/pharmacy/behavioral health/employee assistance, health care reimbursement account, dependent care assistance plan, short-term disability and long-term disability insurance, AD&D insurance, life insurance, 401(k), stock purchase plan to eligible employees.

Costco