IT SOX Compliance Analyst - Remote

Mexico - Remote

BigCommerce’s mission is to help merchants sell more at every stage of growth, from small startups, to mid-market businesses to large enterprises. We focus on being the best ecommerce platform so our customers can focus on what matters most: growing their businesses.

We are equally passionate about growing our employee’s careers and providing them an incredible experience as we rapidly expand across the globe. We are proud to have been recognized numerous times for our product and workplace culture. We empower our people and customers to build, innovate and grow, so together we can redefine the ecommerce industry.

Do you love challenges? Are you passionate about security and love implementing regulatory standards? Does educating and communicating the benefits of a systematic approach to security programs interest you? You want to be at the edge of learning new technologies, cloud frameworks and integrations? Do you feel like contributing to a common goal and being part of a group of people who work together with respect, mutual support and clear strategic goals? Then the BigCommerce Governance Risk Compliance & InfoSec team is calling. The number one thing our customers care about is Information Security. The person who accepts this challenge will be able to make a large impact on the maturity of our Information Security Management System. In this role, you’ll be helping guide the work to make BigCommerce a shining example of security best practices. 

The work involves supporting our compliance programs, working with our teams to implement risk improvement processes and projects. BigCommerce is committed to being a leader in Information Security in the ecommerce space. Your skills and your passion for protecting data and ensuring compliance will be a large factor in BigCommerce’s future success.

What you’ll do:

  • Function as a representative of Information Security leading by example, being diplomatic yet firm, fair, flexible and consistent in deploying industry-standard information security best practices and applicable laws, regulations, and policies.
  • Educate control owners on the quarterly user access review and annual role review processes 
  • Facilitate the quarterly user access reviews by obtaining user lists, uploading data into SailPoint and monitoring status for effective completion 
  • Complete all quarterly user access reviews by the 30 day deadline from the external auditors 
  • Facilitate the annual role review by working with control owners to obtain permission lists and partnering with external parties for completion 
  • Proactively communicate status of reviews and escalate challenges encountered 
  • Create documentation of the quarterly user access review and annual role review processes including necessary steps, common pitfalls and recommendations for future iterations 
  • Work with HR to obtain new user and termination listings 
  • Assisting in the development and tracking of control recommendations for corrective action/improvement. 
  • Stay abreast of current issues and obtain continuing education and training.
  • Participate in special projects and perform other duties as requested.
  • Maintain up-to-date knowledge about audit controls and techniques

Who You Are:

  • 3+  years of relevant experience in a technology environment.
  • Experience with translating business requirements into project implementation plans and validation, including user acceptance testing.
  • Excellent verbal and written communication skills 
  • Passion about process improvement and removing friction from systems
  • Direct experience with audit and compliance frameworks, e.g., SOX, PCI, etc.
  • Experience with auditors and the evidence collection process
  • Experience with the design and testing of IT security controls in a managed hosting and/or Software-as-a-Service environment
  • Experience in building relationships across business functions, locations, and technical stakeholders.
  • Self-direction, attention to detail with a passion to solve practical problems while dealing with a number of variables.
  • Ability to present ideas/solutions and communicate clearly, concisely, and accurately with others at all levels of the organization.
  • Experience in reading the culture of a company, adjusting your style and adapting as needed.
  • Collaborative, upbeat work ethic where you both take ownership and have fun.
  • Able to meet deliverables and drive your work to completion within specified timelines

**Please submit your resume in English for review. **

  • Fluent in English


Diversity, Equity & Inclusion at BigCommerce
Our employees make the difference. At BigCommerce, we believe that celebrating the unique histories, perspectives and abilities of every employee makes a difference for our company, our customers and our community. We are an equal opportunity employer and the inclusive atmosphere we build together will make room for every person to contribute, grow and thrive.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the interview process, to perform essential job functions and to receive other benefits and privileges of employment. If you need an accommodation in order to interview at BigCommerce, please let us know during any of your interactions with our recruiting team.

Learn more about the BigCommerce team, culture and benefits at

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Cloud Compliance E-commerce Ecommerce Governance Monitoring SailPoint

Perks/benefits: Career development Flex hours

Regions: Remote/Anywhere North America
Country: Mexico
Job stats:  38  15  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.