Hiring Organization :- Costco
Post Name :- Compliance Analyst
Qualifications:- Graduation
Industry :- Private
Employment Type :- Full Time
Work Hours :- 8
Salary:- $20 To $30 /Hour
Locations :- Colorado ( USA )
Job Details:
Articles from Bloomberg and Forbes, among others, have covered how Costco treats its employees. Our members and employees come first. Costco has won numerous awards for its philanthropy and is well known for its generosity and community service. By sponsoring numerous opportunities to assist others, the company and its workers actively participate in volunteerism. Costco gave Children's Miracle Network Hospitals and the United Way more than $58 million in 2021.
The technical future of Costco Wholesale, the third largest retailer in the world with wholesale operations in fourteen nations, is the responsibility of Costco IT. Despite our size and rapid international expansion, we continue to provide a family-like, employee-centered environment in which our employees thrive and succeed. As evidence, Costco ranks seventh on Forbes' "World's Best Employers" list.
The Compliance Analyst is in charge of ensuring that Costco's IT General Control (ITGC) environment is PCI DSS compliant, and that Costco's systems, applications, and business processes comply with CCPA and GDPR, two of the most recent privacy regulations.
This position is in charge of making sure that every ITGC control objective is in place and operating effectively. It also coaches control owners on remediation when a control fails in our international countries. Additionally, this position will assist Costco Senior Leaders with SOX program reporting and tracking. This is a cross-functional position in which you will collaborate closely with all of Costco's IT departments, both domestically and internationally, to ensure that controls and compliance requirements are clearly defined, understood, and carried out.
- To be a part of one of the overall BEST companies "to work for", simply apply and let your career be reimagined.
- Ensures that ITGC SOX audit objectives and requirements are met for all ITGC SOX areas by providing countries with guidance and reviewing ITGC evidence.
- Advises international countries on IT testing methodologies to identify and assess risks and determine the effectiveness of controls.
- Identifies potential issues with compliance by reviewing and interpreting privacy control requirements and compliance data and procedures.
- Assists in the creation and implementation of remediation plans based on audit findings or, if necessary, provides exception documentation.
- Works with Internal Audit to develop, test, and devise strategies for effectively achieving relevant IT control objectives.
- Identifies control structure flaws, coordinates efficient remediation, facilitates the communication of findings to control owners and stakeholders, and reports on compliance metrics and risks.
- Serves as the subject matter expert and resource to US internal and external auditors/assessors for International
- Contributes to the successful completion of the User Access Review procedure every month.
- Supports the completion of the annual PCI DSS Report on Compliance (ROC) and reviews evidence of compliance to support PCI DSS requirements.
- Manages and communicates key compliance milestones and success metrics for international efforts to executives, auditors, end users, and engineers, using appropriate language, examples, and tone.
- Documents and manages the uncertainties, assumptions, and risks that have an effect on international delivery efforts.
- Collaborates with cross-functional teams, builds strong liaison relationships, and manages supplier relationships to guarantee timely deliverables and cost control.
- Participates in formal training as well as self-directed education to stay up to date on new and developing security, compliance, and privacy topics and technologies.
- Conducts periodic audits of the global planning, delivery, and solutions functions.
- Provides coaching and mentoring to members of the international IT team.
- A minimum of two years' experience working with or as an auditor and assessor to support a Level 1 or Level 2 organization's SOX/PCI compliance effort is required.
- A minimum of three years' experience in compliance and/or Costco-related business experience.
- A minimum of two years' experience employing project management techniques.
- More than one year of experience gathering company requirements.
- A minimum of one year of experience in data governance, data analysis, audit, or data quality.
- A general comprehension of access control and attestation practices.
- Strong understanding of compliance programs and regulations such as Sarbanes-Oxley (SOX) and PCI, data privacy regulations such as GDPR and CCPA, and other requirements that may affect compliance.
- Experiential knowledge of managing activities at the program level in accordance with a strategic program charter.
- Familiarity with the IT policies, procedures, and standards of the Costco Corporate Organization or similar project methodology, procedures, and processes
- Demonstrated capacity to work on their own with minimal supervision.
- Strong oral and written communication skills, including presentation abilities, the capacity to negotiate, and the ability to effectively engage individuals at all levels of the organization. Experience in process improvement and demonstrated ability to solve business problems.
- Extremely responsive, with a strong sense of urgency.
- Able to support off-hours work on a rotational basis, including weekends, holidays, and 24/7 on-call responsibilities.
- This position allows for up to 25% international travel.
- Bachelor's degree in international business, accounting, computer science, or information technology, or four years of comparable experience, is preferred.
- Current or past certification in one of the following: Security+, Certified Information Systems Auditor (CISA), Certified Security Compliance Specialist (CSCS), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Qualified Security Assessor (QSA), or Internal Security Assessor (ISA).
- A solid understanding of the tools used in Governance Risk and Compliance (GRC), control frameworks, privacy laws, and data management techniques.
- The capacity to validate risk exposure from vendors and third parties and to identify potential compliance issues (such as SOX, PCI, and local health and privacy laws).
- Be familiar with all of the current PCI DSS requirements, as well as other important PCI SSC guidance, card security, and the major card brands' compliance requirements.
- The capacity to align project work efforts, both planned and active, with the program's vision.
- The capacity to coordinate program-wide deliverables and interdependencies.
- Experiential knowledge of identifying a business need and assisting in decision-making in order to win approval for a solution.
- Proven track record of successfully managing projects and programs that are essential to the business.
- Manages Enterprise Architecture-defined architectural and technical strategies for projects and programs.
- Develops and implements a strategic program charter to manage activities at the program level.
- Proven ability to troubleshoot problems and offer solutions, as well as skills for improving processes.
- Acquainted with Costco's IT methodology, procedures, and processes or similar project methodologies
- Multilingual (Spanish, Korean, Japanese, German, French, or Chinese).