Back to Job Listings

Security Compliance Analyst

Ottawa

Shopify receives millions of unique visitors each month and serves billions of requests per day. Our Processing Integrity Team, part of the broader Security and Trust Team here at Shopify, ensures we provide a trustworthy commerce platform for our 500,000+ merchants each and every day.

As a security engineer on the Processing Integrity Team, you'll be a part of a highly collaborative and adaptable team of folks. You'll dig deep into our systems to ensure that we are upholding the commitments of our internal security practices as outlined by our documentation. You'll be an embedded part of our engineering teams, understanding and describing our systems, activities, and processes to people across a broad spectrum of technical backgrounds -- to auditors, merchants and Shopify employees.

Requirements for the role:

  • Digging into a concept or a problem until you can explain it in your sleep
  • Understanding complex systems and software and identify areas of security concern, with the ability to adapt to rapid change
  • Translating technical jargon and complicated concepts into something totally simple and easily understood
  • Working with technical and financial compliance standards, and conducting control testing
  • Presenting compliance data and working with auditors

BONUS:

  • Previous exposure to SOC2/SAS70/SSAE16/SSAE18 and/or SOX IT General Control audits
  • Accounting experience
  • Experience performing technical audits

You’ll be working on:

  • Contributing to SOC 1, SOC 2, and IT Controls for SOX documentation and owning internal controls for processing integrity programs
  • Data collection, testing, and ensuring internal compliance with Shopify SOC and SOX documentation, and performing both audits and quarterly testing to ensure we are upholding our outlined standards
  • Compiling compliance evidence and communicating this evidential data to auditors in a comprehensive manner, along with explanations of how our systems work
  • Ensuring internal and external teams are able to effectively test our compliance standards
  • Reviewing third-party compliance reports
  • Resolving merchants’ security queries

We know that applying to a new role takes a lot of work and we truly value your time. Frances is looking forward to reading your application.

Experience comes in many forms, many skills are transferable, and passion goes a long way. If your experience is this close to what we’re looking for, consider applying. We know that diversity of thought makes for the best problem-solving and creative thinking, which is why we're dedicated to adding new perspectives to the team and encourage everyone to apply.

Apply now

Or, know someone who would be a perfect fit? Let them know!