Firm Name: Costco
Numbers of Jobs: Compliance Analyst
Education Need: Graduate
Job Hours: 8
Payment: $20-$30/Hour
What's Job City: Seattle
Job Details:
Costco Wholesale, the third-largest retailer in the world and a company operating in 14 nations, is in charge of the industry's technological development. We continue to foster a family-oriented work environment that supports the success of all of our employees despite the size of our business and our rapid international expansion. This is evidenced by Costco's seventh-place finish on Forbes' list of the "World's Best Employers."
Since this environment is unique in the high-tech world, Costco's culture is the secret to its success. The value that Costco places on its employees has been extensively covered in articles by a number of publications, including Bloomberg and Forbes. Our team and employees are our first priority. Costco is well known for its philanthropy and dedication to the community; it has won numerous awards for these characteristics. The company encourages its employees to volunteer actively by sponsoring numerous opportunities for charitable giving.
We're glad you're here at Costco Wholesale IT. Costco IT is undergoing exciting transformational projects in a fast-paced, dynamic environment. As we create the next-generation retail environment, you will be surrounded by devoted and highly skilled workers.
Compliance analysts support Costco's guiding principles and corporate goals with regard to upholding legal and regulatory requirements, protecting member privacy, and maintaining compliance. Compliance analysts work closely with other teams to define and establish corporate guidance in response to emerging standards and legislation by ensuring that all policies and procedures are followed and properly documented, conducting internal reviews, and identifying compliance issues that need formal attention. Compliance analysts must be able to communicate and lead effectively in both technical and business settings.
The Compliance Analyst will coordinate and advance all aspects of the analysis, communication, implementation, and risk mitigation of vendor-related risks and controls in order to protect Costco and its partners. The compliance analyst will work in tandem with other business units and legal departments to define and establish new corporate guidelines to support the vendor risk management program strategy, policy, and standards. This individual will be expected to anticipate regulatory impacts, raise company awareness, recommend fixes for control deficiencies, reach out in support of the business/operations, and communicate clearly at all levels.
If you want to be a part of one of the world's BEST companies "to work for," all you have to do is apply and let your career be reimagined.
ROLE
- Provides governance for the naming, confirming, and fixing of information technology controls for any applicable regulatory compliance frameworks.
- Develops IT testing processes to identify, evaluate, and measure risk exposures and control effectiveness.
- Maintains adherence to and a thorough understanding of all existing and upcoming standards, laws, and regulations.
- Keeps current on new and developing security issues and technologies by attending formal education classes and conducting independent research.
- Innovative, artistic, and thrives in a stressful environment. Able to identify and solve problems in time-sensitive, high-stress circumstances.
- Directs and oversees vendor risk assessments for security and privacy in order to efficiently identify and help with risk mitigation.
- Uses a risk framework to rank the corresponding risks.
- Notes observations and informs the company as well as any outside parties.
- Determines where the controls are vulnerable and makes recommendations for how to make them more robust to handle significant risks.
- Monitors, notes, and reports on implementations of controls.
- Supports the creation and implementation of methodologies to identify general system and business controls, as well as to identify and rank risks.
- Develops, oversees, and implements plans to communicate, address, and remedy any known material weaknesses or significant deficiencies as well as to minimize any shortcomings found by either internal or external auditors.
- Works closely alongside IT management, accounting, legal, and internal/external auditors to guarantee that compliance and mitigation activities are successfully carried out and finished.
- If necessary, makes use of outside resources or IT knowledge to complete tasks.
REQUIRED
- Prior involvement with a risk management program, third-party risk management, or vendor risk management (VRM).
- Knowledge of influencing and collaborating with partner organizations.
- Understanding of Governance, Risk, and Compliance (GRC) tools in practice.
- Practical knowledge of security risk assessment and control frameworks, the security stack, privacy laws, and data management practices.
- The ability to interpret data and processes related to information security to identify potential compliance problems (SOX, HIPAA, PCI, and Privacy).
- A quick understanding of security systems that allows one to identify and validate risk exposure from suppliers and other parties.
- The ability to communicate effectively and clearly with engineers, executives, auditors, and end users.
- The ability to perform successfully without guidance or assistance.
- Experience with standard information gathering (SIG) and vendor interviews.
- Must be a self-starter and action-oriented to oversee efforts to identify risks and mitigate them.
- Incredibly quick to react, very creative, and very aware of time constraints.
- Demonstrated mentoring skills, including sharing knowledge and assisting others in understanding technical and business topics.
- Ability to coordinate between audited staff and external auditors.
HIGHLY ADVISED
- Either a four-year degree in computer science or experience safeguarding information systems.
- Certified Third Party Risk Professional (CTPRP), Certified Security Compliance Specialist (CSCS), and Security+.
- Knowledge of firewalls, load balancing, DMZ silos, and packet capture technologies in practice.
REQUIRED PAPERWORK
- A letter of interest.
- A resume.
If you live in California and are a candidate, please click here to view the Costco Applicant Privacy Notice.