General information

Office (s)
Monterrey, MEX
Date Published
Tuesday, August 29, 2023
Job ID
Information Technology

Description & Requirements

About the role: 

The Governance, Risk Management & Compliance Analyst is responsible for working with the GRC leadership team, Information Technology, Epicor business units, Legal and other relevant departments to analyze and implement Security & Risk Management frameworks, policies, standards and best practices.

  • Assists in reviewing evidence for compliance requirements (PCI-DSS, SOX, SSAE18, etc.) and best practices.
  • Coordinates remediation of non-compliant areas of the company.
  • Assists in development and implementation of IT security awareness programs for both technical and non-technical audiences.
  • Manages various projects related to compliance and security efforts at Epicor.

Essential Responsibilities:   

  • Supports the work of the Global Governance, Risk Management & Compliance (GRC) department who are responsible for analyzing and implementing Security & Risk Management frameworks policies, standards and best practices.
  • Executes regular or scheduled compliance tasks as assigned, summarizing and reporting findings, ensuring that audit issues and associated root causes are understood, well defined, and presented to GRC leadership.
  • Assists in the development of formal written reports to communicate audit results to management and makes recommendations as appropriate.
  • Works with GRC Leadership, Information Technology and Epicor business units to document and implement Security & Risk Management frameworks, policies, standards, and best practices.
  • Coordinates remediation for non-compliant areas of the company.
  • Supports other department initiatives and deliverables as needed.


  • BS or BA degree (preferably in an Information Technology field) or any combination of equivalent education, experience, and formal training that allows the candidate to meet the requirements of the job.
  • 2 or more years of information technology experience, at least 1 of them in a relevant information security and/or risk management field.
  • Strong organizational and teamwork skills.
  • Working knowledge and/or hands-on experience with IT frameworks such as SOC, SOX, PCI, and NIST.
  • High-level understanding of IT environments such as Active Directory, SQL, Cloud Services.
  • Strong skills in data analysis, mining, and normalization.
  • Excellent verbal, written, and presentation skills.

About Epicor 

At Epicor we know that success comes from working together. Everyone has a role to play, and it’s the essential partnerships across our company that are crucial to our customers’ success and our growth as a business. 

We’re truly a team. Working in close partnership, we bring wide-ranging talents together in powerful collaborations. We think innovatively, share our knowledge generously, and constantly learn from our colleagues. We’re proud of the success we achieve every day, but we never stop challenging ourselves and encouraging each other. Together, we go further and imagine an even brighter future. 

Whatever your career journey, we’ll help you find the right path. Through our training courses, mentorship, and continuous support, you’ll get everything you need to thrive. At Epicor, your success is our success. And that success really matters, because we’re the essential partners for the world’s most essential businesses—the hardworking companies who make, move, and sell the things the world needs.

Equal Opportunities and Accommodations Statement 

Epicor is committed to creating a workplace and global community where inclusion is valued; where you bring the whole and real you—that’s who we’re interested in. If you have interest in this or any role- but your experience doesn’t match every qualification of the job description, that’s okay- consider applying regardless. 

We are an equal-opportunity employer.