Security Compliance Engineer
eBay · Austin, TX
- On site
- Full-time
- $162,200 / year
- Austin, TX
Job highlights
- Drive security compliance for eBay's global operations.
- Lead technical assessments and remediation efforts.
- Collaborate with business leaders on risk management.
- Utilize industry standards like PCI DSS, SOC 2.
- Requires 7+ years of security and compliance experience.
About the role
Job Summary
eBay is seeking a passionate Security Compliance Engineer to join our Global Information Security team. This role is critical in driving security compliance for eBay Payments, Marketplaces, Corporate IT, and other businesses. You will collaborate directly with business leaders to address security compliance issues, lead technical assessments, and develop effective remediation programs.
Key Responsibilities
- Provide pragmatic guidance to business leaders, balancing security compliance risks with business needs.
- Contribute to eBay's information security and compliance program, leading audits and identifying process improvements.
- Assess compliance and support remediation efforts with internal business units and relevant departments.
- Maintain a deep understanding of security controls, business processes, and tools for adopting security standards.
- Advise management on security requirements, implementations, and their impact on business processes, applications, and systems.
- Generate reports and provide recommendations to improve security practices.
- Research industry trends and apply them to internal controls to enhance security and compliance.
- Facilitate the adoption of new security controls, standards, and approaches through strategic transition plans.
- Document security/technology control requirements and develop methods to meet new cybersecurity and compliance needs.
- Coordinate compliance and audit activities with other groups.
Requirements
- 7+ years of experience in security and compliance.
- Experience in eCommerce, Payments, or Technology space is a plus.
- Familiarity with PCI DSS, SOC 2, ISO 27001, NIST, or other industry standard control frameworks.
- Experience managing third-party audits and collecting evidence.
- Strong technical understanding of security compliance requirements, solutions, threats, and challenges in a global enterprise.
- General knowledge of networking, encryption, authentication, payment infrastructure, cloud infrastructure, and application security.
- Ability to transition between high-level strategy and tactical implementation.
- Self-starter with a bias for action, thriving in fast-paced, ambiguous environments.
- Exceptional communication skills (writing, presentation, facilitation).
- Strong teamwork and collaboration skills.
Additional Details
The base pay range for this position is expected to be between $118,800 and $205,600. Actual base pay will depend on factors like location, skills, and experience. Total compensation may include a target bonus, stock options, and a comprehensive benefits package (medical, financial, 401(k), PTO, parental leave).
eBay is an equal opportunity employer committed to diversity and inclusion. Accommodations can be requested by contacting talent@ebay.com.
Key skills/competency
- Security Compliance Engineer
- Information Security
- Risk Management
- Audit Management
- PCI DSS
- SOC 2
- ISO 27001
- NIST
- Cybersecurity
- Compliance Program
Skills & topics
- Security Compliance Engineer
- Information Security
- Compliance
- Audits
- PCI DSS
- SOC 2
- ISO 27001
- NIST
- Cybersecurity
- eCommerce
- Risk Management
- Remediation
- Technical Assessments
- Global Enterprise
- eBay
How to get hired
- Tailor your resume: Highlight your 7+ years of security and compliance experience, emphasizing frameworks like PCI DSS, SOC 2, ISO 27001, and NIST. Quantify achievements in risk mitigation and audit management.
- Showcase technical depth: Clearly articulate your understanding of networking, encryption, authentication, payment infrastructure, cloud, and application security within your application and during interviews.
- Demonstrate collaboration: Provide examples of your ability to work with business leaders, internal teams, and third parties, showcasing strong communication and facilitation skills.
- Prepare for the interview: Be ready to discuss how you balance security risks with business needs and articulate your approach to navigating fast-paced, ambiguous environments.
Technical preparation
Master PCI DSS, SOC 2, ISO 27001, NIST frameworks.,Understand core security concepts: networking, encryption, auth.,Familiarize with cloud and application security principles.,Prepare to discuss audit evidence collection methods.
Behavioral questions
How do you balance risk and business needs?,Describe a complex compliance issue you resolved.,How do you adapt to fast-paced environments?,Give an example of influencing stakeholders.
Frequently asked questions
- What is the salary range for the Security Compliance Engineer position at eBay?
- The estimated base pay range for this Security Compliance Engineer role at eBay is $118,800 to $205,600 annually. The final offer will depend on your specific qualifications, experience, and location.
- What are the key compliance frameworks mentioned for this Security Compliance Engineer role at eBay?
- The job description for the Security Compliance Engineer at eBay highlights experience with or understanding of PCI DSS, SOC 2, ISO 27001, and NIST, along with other industry standard control frameworks.
- What level of experience is required for the Security Compliance Engineer position at eBay?
- eBay requires a minimum of 7 years of experience in security and compliance for the Security Compliance Engineer position.
- Does eBay offer remote work for the Security Compliance Engineer role?
- The job description does not explicitly state if the Security Compliance Engineer role is remote, hybrid, or on-site. Given the nature of compliance and potential for in-person collaboration, it's likely to be on-site or hybrid. Further clarification would be needed during the application process.
- What kind of technical knowledge is expected for an eBay Security Compliance Engineer?
- As a Security Compliance Engineer at eBay, you should possess a strong technical understanding of security compliance requirements, solutions, and threats. General knowledge of networking, encryption, authentication, payment infrastructure, cloud infrastructure, and application security is also expected.
- How can I best highlight my qualifications for the Security Compliance Engineer role at eBay?
- To best highlight your qualifications for the Security Compliance Engineer role at eBay, ensure your resume clearly details your 7+ years of experience, specific compliance framework knowledge (PCI DSS, SOC 2, etc.), and your ability to bridge technical security with business needs. Emphasize your experience in leading audits and remediation efforts.