Skip Navigation

IT Governance, Risk Management & Compliance Analyst at Epicor | Software Careers

Search

or match your skills with LinkedIn

LinkedIn - job matching tool
Apply now Job ID 19001012 Date posted Oct. 07, 2019 Monterrey, Nuevo León Information Services

About Us:

Epicor Software is a global technology leader dedicated to helping businesses drive growth for more than 45 years. Our modern, industry-specific software helps customers boost efficiency and productivity by simplifying and automating everyday processes. We have a stellar team of nearly 4,000 worldwide employees who are passionate about building exceptional products and solutions through teamwork, constant innovation, and integrity. We strive to hire and reward star players who inspire one another and drive results for the business and our customers.

About the Role:

The IT Governance, Risk Management & Compliance Analyst is responsible for working with the GRC Leadership team, Information Technology, Epicor Business Units, Legal and other relevant departments to analyze and implement IT Security & Risk Management frameworks, policies, standards and best practices. Assists in translating industry, government (US & foreign) and contractual compliance requirements (PCI-DSS, SOX, SSAE16, etc.) into IT Security & Risk Management frameworks, policies, standards & best practices. Coordinates remediation of non-compliant areas of IT. Supports and coordinates internal and external audits for the areas of IT Security, Risk Management & Compliance. Assists in development and implementation of IT security awareness programs for both technical and non-technical audiences.

What You’ll Do:

  • Supports the work of the IT Security Governance, Risk Management & Compliance (GRC) department who are responsible for analyzing and implementing IT Security & Risk Management frameworks policies, standards and best practices.
  • Executes regular or scheduled compliance tasks as assigned, summarizing and reporting findings, ensuring that audit issues and associated root causes are understood, well defined and presented to GRC leadership.
  • Assist in the development of formal written reports to communicate audit results to management, and makes recommendations as appropriate.
  • Works with GRC Leadership, Information Technology and Epicor Business Units to document and implement IT Security & Risk Management frameworks, policies, standards and best practices.
  • Maintains relationships with internal and external audit and compliance agencies to facilitate execution of audits.
  • Supports and coordinates internal and external audits for the areas of IT Security and Risk Management.

What You Need to Succeed:

  • 4 or more years of information technology experience, at least 2 of them in a relevant information security and/or risk management field.
  • High level understanding of IT environments such as Active Directory, SQL, Cloud Services.
  • Strong skills in data analysis, mining, technical support and normalization.
  • Advanced Excel.

Additional Skills That Could Set You Apart:

  • Working knowledge and/or hands on experience with IT frameworks such as SOC, SOX, PCI, and NIST.
  • Service Now
  • Testing experience
Primary location: Monterrey Nuevo Leon Mexico
IT Governance, Risk Management & Compliance Analyst

What’s around You

Restaurants, bars, gyms and more. Take a look at the map to see what’s nearby.

Join our talent community

Sign Up For Job Alerts

Get ahead of the game–join our Talent Community and be the first to hear about new Epicor job opportunities.

Interested InSelect a job category from the list of options. Select a location from the list of options. Finally, click “Add” to create your job alert.

  • Information Services, Monterrey, Nuevo León, MexicoRemove

Or

By submitting my CV / resume or signing up for job alerts I agree to receive phone or email communications from Epicor and its subsidiaries about Epicor employment opportunities as they may arise. I understand that Epicor’s Privacy Policy will apply and that I may withdraw my consent to these communications at any time.