
Director, Governance Risk and Compliance
Anthology Careers
full-time
Location Type: Remote
Location: United States
Salary
💰 $154,000 - $200,000 per year
About the role
- Leading efforts to assess the confidentiality, integrity and availability of information via the framework set forth in the company’s global Information Security Management System (ISMS)
- Assessments of compliance with company security policies
- Operating an internal and third-party risk management process
- Regular review and measurement of the effectiveness of information security controls
- Liaising with and advising various teams including those responsible for systems architecture, systems deployments and application configuration
- Developing and maintaining the organization's ISMS documentation
- Recommendations to the CISO, Product Management, Legal, and Finance leadership teams
- Information risk management and collaborative design of information security controls
- Conducting vendor risk assessments and ensuring third-party compliance
- Reviewing and monitoring the activities of the Security Incident Response and Business Continuity Management teams
- Managing the recurring measurement of the effectiveness of ISMS controls
- Assisting with forecasting, planning and risk assessment relevant to evolving security control coverage
- Researching and recommending use of new technologies
- Project management including analysis of business requirements and tracking projects to successful completion
- Managing personnel including mentoring and cross-training of team members
Requirements
- US Citizenship
- 10+ years of hands-on experience in IT audit and/or compliance
- Strong documentation and communication skills
- Strong understanding of security standards and frameworks including ISO27000 series, NIST Special Publication 800 series, SOC audits, and security requirements of Data Privacy laws
- Previous experience gaining an ATO or P-ATO for a cloud implementation under the FedRAMP, GovRAMP or IL-4 programs
- Understanding of software development lifecycle methodologies, cloud and server infrastructure, and network technologies
- Experience managing security staff, collaboration and relationship building with global teams
Benefits
- Health insurance
- Retirement plans
- Paid time off
- Flexible work arrangements
- Professional development opportunities
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
IT audit, compliance, information risk management, vendor risk assessments, security controls, project management, documentation, cloud implementation, security standards, software development lifecycle
Soft Skills
communication, mentoring, cross-training, collaboration, relationship building