The Data Security Functional Analyst in Information Management will be actively involved in supporting the overall internal controls and compliance functionality of Costco's data landscape globally. The Data Security Functional Analyst assists and supports the organization with ongoing requirements assessment, preparation, testing and monitoring of conformance to the requirements of various internal security policies and compliance regulations related to data assets.
Job Duties/Essential Functions
* Perform duties necessary to assist in establishing best practices and system configurations to ensure the safety of data assets and to protect information systems from intentional or inadvertent access. * Conduct data security compliance assessments on new and existing Information Management systems and identify and/or implement processes to demonstrate and validate compliance requirements. * Respond to compliance related discoveries by informing appropriate custodians, assist in determining root cause, and identify and execute remedial actions necessary. * Partner with Information Management custodians to understand their respective compliance and security needs and assist with implementing practices and procedures consistent with Costco policies and procedures. * Review data access requests in accordance with data classification policies. * Identify risks and control gaps in the Information Management landscape. * Develop a strategy to continuously monitor and control using platform specific (SQL Server/Oracle/Db2) auditing tools and Splunk. * Develop shell scripts/SQL queries. * Participates in internal and external audits related to database administration controls. * Maintains current knowledge of industry trends and standards. * Regular and reliable workplace attendance at you assigned location.
* Assists in other areas of the department as necessary. * Assists in other areas of the company as necessary.
Ability to operate vehicles, equipment or machinery
* 1+ years of compliance, security, or audit experience. * 1+ years of data analysis. * Experience in writing shell scripts/SQL queries. * Experience identifying risks and implementing internal controls for risk mitigation. * Knowledge of various compliance laws, regulations and standards (e.g. SOX, HIPAA, PCI, GDPR, PIPEDA). * Experience in testing processes and systems against controls developed in accordance to laws, standards and regulations. * Proven track record for successful delivery of projects and working cross-functionally with business and information technology teams. * Proven ability to develop business relationships and communicate successfully across all levels. * Exhibits excellent professional and diplomacy skills. * Demonstrates strong sense of urgency and responsiveness. * Proven ability to follow priorities and timelines while working independently or as an integral team member. * Demonstrates strong analytical and problem solving skills. * Proficiency in business or technical writing. * Experience and willingness to teach/mentor others. * Able to support off-hours work as required, including weekends, holidays, and 24/7 on call responsibilities on a rotational basis. * International travel may be required.
* Prior experience with relational database management systems. * Ability to translate highly technical solutions/problems to audiences at varying technical levels. * One or more professional audit or security certifications such as CISA or CISSP or equivalent experience. * Successful internal candidates will have spent one year or more on their current team.
* Management will review the Job Analysis for this position prior to a job offer.
To Apply: Use the link below to upload all required documents to
Apart from any religious or disability considerations, open availability is needed to meet the needs of the business. If hired, you will be required to provide proof of authorization to work in the United States. Applicants and employees for this position will not be sponsored for work authorization, including, but not limited to H1-B visas.