Director, Governance Risk and Compliance

Job not on LinkedIn

🔥 35 minutes ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Anthology Careers

WebsiteLinkedInAll Job Openings

1 - 10 employees

👥 HR Tech

🤝 B2B

☁️ SaaS

HR Tech • B2B • SaaS

Anthology Careers is a company specializing in onboarding services and HR solutions for businesses. They provide tools and support for processes such as ADP onboarding, Workbright I-9 employment verification, and time and attendance management. The company also offers specific services for Canadian hires, ensuring compliance with various employment laws and regulations. Their platform facilitates the seamless onboarding of new employees while offering assistance through FAQs and live support.

📋 Description

• Developing and maintaining the organization's ISMS documentation, including policies, standards, and procedures for risk management, compliance, and information security. • Responsible for recommendations to the CISO, Product Management, Legal and Finance leadership teams that provide security program alignment with compliance requirements. • Responsible for information risk management, collaborative design of information security controls, assessment of effective implementation of applicable controls, including identity and access management. • Staying current on evolving regulatory environments, security threats, and compliance best practices, and updating policies and procedures accordingly. • Responsible for maintaining and improving information security awareness in the organization. • Translating business and information security needs and integrating these with the ISMS. • Coordinating external audit engagements with 3PAO, ISO/SOC auditors, PCI DSS QSA firms and other security assessors, including coordinating responses and remediation efforts. • Conducting vendor risk assessments and ensuring third-party compliance with security and privacy standards. • Reviewing and monitoring the activities of the Security Incident Response and Business Continuity Management teams to ensure that the information security controls are used effectively during the complete life cycle of business continuity and disaster recovery response. • Managing the recurring measurement of the effectiveness of ISMS controls implemented and communicate findings with senior management. • Enforcing document control management processes for the Information Security Management System. • Assisting with forecasting, planning and risk assessment relevant to evolving security control coverage in alignment with the company’s technology strategy. • Maintaining and applying current industry knowledge and best practices. • Researching and recommending use of new technologies. • Project management including analysis of business requirements, creating and updating project plans, and tracking projects to successful completion. • Assisting with vendor management, forecasting and program budget management. • Managing personnel including mentoring and cross-training of team members to achieve business objectives.

🎯 Requirements

• US Citizenship • 10+ years of hands-on experience in IT audit and/or compliance • Strong documentation and communication skills • Strong understanding of security standards and frameworks including ISO27000 series, NIST Special Publication 800 series, SOC audits, and security requirements of Data Privacy laws • Previous experience gaining an ATO or P-ATO for a cloud implementation under the FedRAMP, GovRAMP or IL-4 programs • Understanding of software development lifecycle methodologies, cloud and server infrastructure, network technologies