It's fun to work in a company where people truly BELIEVE in what they're doing!
We're committed to bringing passion and customer focus to the business.
The Client Services Home-Based IT Security & Compliance Analyst is responsible for managing security, privacy, and compliance requests from customers and prospects while supporting the company’s information security and regulatory compliance programs. This role works closely with IT, Legal, Sales, and Operations teams to ensure audits, due diligence activities, and compliance requirements are completed accurately and efficiently. The position also supports adherence to security frameworks such as ISO 27001, SOC 2 Type 2, and other industry standards relevant to the eCommerce business.
REQUIRED CORE COMPETENCIES
- Stakeholder Communication – Effectively communicates security, compliance, and risk-related information to customers, auditors, leadership, and non-technical stakeholders.
- Attention to Detail – Maintains accuracy when reviewing security questionnaires, audit evidence, policies, compliance documentation, and regulatory requirements.
- Organization & Time Management – Manages multiple compliance requests, audits, reporting deadlines, and remediation activities while ensuring timely completion.
- Problem-Solving & Critical Thinking – Analyzes security and compliance issues, identifies root causes, assesses risks, and recommends practical solutions.
- Collaboration & Relationship Building – Works closely with IT, Legal, Sales, Operations, and external auditors to drive compliance initiatives and achieve security objectives.
WHAT YOU WILL DO
Compliance Request Management
- Manage timely handling of annual and ad-hoc customer security questionnaires, compliance surveys, and audit requests.
- Review and complete customer-provided documentation, including ISO 27001 and SOC 2 assessments, security contracts, and privacy inquiries from both prospective and existing clients.
- Track and report on compliance request metrics and statuses to leadership.
Security & Technology Monitoring
- Monitor company websites and web applications for security threats, vulnerabilities, and suspicious activity, using both automated security tools and manual assessments.
- Conduct routine vulnerability scans, penetration tests, and patch level assessments to ensure sites meet internal and external security standards.
- Maintain and regularly update company security and privacy policies to address evolving threats, regulatory requirements, and audit findings.
- Ensure websites and applications are properly patched, configured, and tested to pass ISO 27001, SOC 2 Type 2, and other relevant compliance audits.
- Serve as a point of escalation for emerging web-based security risks and coordinate