Senior Governance Compliance Security Engineer

Yesterday

Apply Now

Receive Emails with Similar Jobs

Anthology Inc

WebsiteLinkedInAll Job Openings

Educational Technology Solutions • Blackboard® (LMS • Anthology® Student (SIS/ERP) • Anthology® Reach (CRM)

1001 - 5000 employees

💰 Venture Round on 2023-01

Description

• Senior Governance Compliance Security Engineer Remote – United States • The Opportunity: Anthology delivers education and technology solutions so that students can reach their full potential and learning institutions thrive. • Our mission is to empower educators and institutions with meaningful innovation that’s simple and intelligent, inspiring student success and institutional growth. • The primary function of this role will be to help maintain and expand Anthology's Federal Risk and Authorization Management Program (FedRAMP) and StateRAMP program. • In addition to helping build Anthology's FedRAMP and StateRAMP portfolio, you will also be actively involved in the DISA compliance-related workstreams. • Primary responsibilities will include: • Providing subject matter expertise for FedRAMP, StateRAMP, IL-4, CMMC and NIST 800-53 compliance standards and regulations • Conducting FedRAMP, StateRAMP, and NIST 800-53 gap assessment, compliance readiness, and compliance monitoring activities • Coordinating and leading delivery of audit milestones to ensure audit timelines stay on target by escalating and identifying roadblocks • Performing continuous monitoring activities, as required by TX-, State-, and FedRAMP, DISA IL4 standards and ensuring reports are available for review by applicable agencies/clients • Conducting vendor and supply chain risk assessments • Assisting in the identification of business process improvements and partnering with technology and business stakeholders to identify pragmatic approaches to compliance readiness and testing • Collaborating cross-functionally with technology and business stakeholders to drive, track, and resolve all aspects of compliance readiness and audit execution • Conducting various IT Compliance controls validation and implementation activities • Collaborating with technology and business stakeholders along with other Compliance team members to facilitate remediation and execution of corrective action plans • Participating in continuous improvement initiatives • Providing coaching and mentorship to more junior team members

Requirements

• US Citizen • Effective organizational, follow-up, and time management skills • 5-8 years of hands-on experience in IT audit and/or compliance • A strong background with NIST Risk Management Framework (SP 800-53) and a broad range of skills in the fields of NIST publications, StateRAMP, or FedRAMP requirements • Experience with control assessments and coordination of audit activities • Familiarity with Information Security principles, knowledge of IT processes (e.g., Change Management, Incident Management, Risk Management, Network and System Administration) • Strong technical, analytical, interpersonal, and communication skills • Strong writing ability with a focus on communication of technical topics • Ability to work both independently and within a global team environment • Self-starter, quick-learner, and proactive problem-solving skills • Ability to develop and foster strong relationships with technology and business stakeholders • Experience with and comfortable with a remote working environment • Fluency in written and spoken English • StateRAMP or FedRAMP knowledge • Previous experience leading a Cloud Service Provider through a FedRAMP ATO process • Previous experience at a SaaS company in a similar role • Previous experience gaining an ATO or P-ATO for a cloud implementation • Exposure to ISO27001, PCI, HIPAA/HITRUST, SOC 2 • Industry standard certifications (CISSP, CISA, ISO 27001 Lead Implementer/Auditor) • Bachelor's Degree in Information Technology, Business, or related vocations