Senior Security Compliance Engineer (Americas)
Shopify · NAMER · 6 days ago
RemoteRemoteManufacturingFull-time
About The Role
The role's core focus is on building and managing Shopify's compliance programs for its advanced IT systems. It offers a unique opportunity to work in a flexible compliance environment where expertise, innovation, and unconventional approaches are highly valued. In this role, you have the autonomy to discover, analyze, and solve security and compliance problems at scale. Resourcefulness is key—you'll need to be able to quickly gather context on infrastructure, systems, software, and safeguards to help Shopify continue shipping and scaling while staying secure, trustworthy, and usable.
Responsibilities
- Writing and updating code that automates and supports audit and compliance programs.
- Meeting with SMEs from Production Engineering, Security Engineering, Product, Legal, and other areas to learn how Shopify works and ensure that the compliance programs accurately reflect what we do and how we do it.
- Engaging with external auditors to design and perform audits for PCI programs.
- Providing expert advice to Shopify teams with regard to security and compliance domains you manage.
- Be a security expert responsible for owning and building compliance activities for standards such as: SOC, PCI, SOX and others with a focus on PCID.
- Dive deep into new products or initiatives to surface and analyze the impact on security compliance engineering.
- Leverage data and visualization tools to identify areas for improvement, track progress, and inform trusted decisions.
- Actively seek out opportunities to develop and deploy automations that will increase team efficiency.
- Anticipate changes in our trust and security posture as the technical footprint and company operations change, and help propose solutions to adapt to change.
- Develop safeguards, systems, and policies that meet compliance requirements while balancing the need to move fast and stay innovative.
Qualifications
- Proven experience performing assurance and advisory roles relating to Information Technology with particular emphasis on system implementations, technical security configurations, and cloud native environments.
- Hands-on experience building data analytics, reporting solutions, and task automation tooling.
- Experience evaluating IT, security, and application controls in the context of a compliance program for a company of similar size and complexity of Shopify.
- Strong knowledge of industry risk and PCI compliance framework.
- Excellent analytical and problem-solving skills, with the ability to think strategically and identify innovative solutions to complex challenges.
- Strong project management skills, with the ability to prioritize and manage multiple initiatives simultaneously using agile project management methodologies.
- Exceptional communication and interpersonal skills, with the ability to effectively collaborate with stakeholders.
- Self-motivated and adaptable, with a strong drive for continuous learning and professional growth.