Associate Government Compliance Analyst

Associate Security Compliance Engineer
Chennai or Bangalore, India

The Opportunity:

Anthology offers the largest EdTech ecosystem on a global scale, supporting over 150 million users in 80 countries. Our mission is to provide dynamic, data-informed experiences to the global education community so that learners and educators can achieve their goals.

We believe in the power of a truly diverse and inclusive workforce. As we expand globally, we are committed to making diversity, inclusion, and belonging a foundational part of not only our hiring practices but who we are as a company.

For more information about Anthology and our career opportunities, please visit www.anthology.com.

Anthology’s Information Security team leads the governance, risk, and compliance program to enhance and ensure the confidentiality, integrity, and availability of all corporate information systems and products. This team is a core part of Anthology, providing it substantial opportunities to influence the overall corporate mission and culture.

The role will work closely with members of our Governance, Risk and Compliance team and internal stakeholders (Dev, DevOps, Corp IT, etc.) on all government compliance audit roles. This role will have the opportunity to learn and work on several other compliance and audit related work.

The primary function of this role will be to help maintain and expand Anthology’s Federal Risk and Authorization Management Program (FedRAMP) and StateRAMP program. In addition to helping build Anthology’s FedRAMP portfolio, you will also be actively involved in the DISA compliance-related (e.g., RMF, CMMC, DISA IL-4, etc.) workstreams.

Specific responsibilities will include:

• Providing guidance for FedRAMP, StateRAMP, IL-4, CMMC and NIST 800-53 compliance standards and regulations
• Coordinating FedRAMP gap assessment, compliance readiness, and compliance monitoring activities
• Coordinating the delivery of audit milestones to ensure audit timelines stay on target by escalating and identifying roadblocks
• Performing continuous monitoring activities, as required by TX-, State-, and FedRAMP standards and ensures reports are available for review by applicable agencies/clients
• Conducting vendor risk assessments
• Collaborating cross-functionally with technology and business stakeholders to drive and track all aspects of compliance readiness and audit execution
• Conducting various IT Compliance controls validation and implementation activities
• Collaborating with technology and business stakeholders along with other Compliance team members to facilitate remediation and execution of corrective action plans
• Participating in continuous improvement initiatives

The Candidate:

Required skills/qualifications:

• Effective organization, follow-up, and time management skills
• Hands-on experience in IT audit and/or compliance
• Experience with control assessments and coordination of audit activities
• Familiarity with Information Security principles, knowledge of IT processes (e.g., Change Management, Incident Management, Risk Management, Network and System Administration)
• Strong technical, analytical, interpersonal, and communication skills
• Strong writing ability with a focus on communication of technical topics
• Ability to work both independently and within a global team environment
• Self-starter, quick-learner, and pro-active problem-solving skills
• Ability to develop and foster strong relationships with technology and business stakeholders
• Have experience with and are comfortable with a remote working environment

Preferred skills/qualifications:

• 1+ years hands-on experience in IT audit and/or compliance
• Previous experience at a SaaS company in a similar role
• Knowledge of NIST Risk Management Framework (SP 800-53)
• Previous experience gaining an ATO or P-ATO for a cloud implementation
• Exposure to FedRAMP, StateRAMP, TX-RAMP, ISO27001, PCI, HIPAA/HITRUST, SOC 2 is a plus
• Industry standard certifications (CISSP, CISA, ISO 27001 Lead Implementer/Auditor) a plus
• Bachelor’s Degree in Information Technology, Business, or related vocations

This job description is not designed to contain a comprehensive listing of activities, duties, or responsibilities that are required. Nothing in this job description restricts management’s right to assign or reassign duties and responsibilities at any time.

Anthology is an equal employment opportunity/affirmative action employer and considers qualified applicants for employment without regard to race, gender, age, color, religion, national origin, marital status, disability, sexual orientation, gender identity/expression, protected military/veteran status, or any other legally protected factor.