Director, Governance, Risk and Compliance
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Director of Governance Risk and Compliance leading information security management and compliance efforts at Anthology. Collaborating with teams to ensure adherence to regulatory frameworks and policies.
Responsibilities:
- Developing and maintaining the organization's ISMS documentation, including policies, standards, and procedures for risk management, compliance, and information security.
- Responsible for recommendations to the CISO, Product Management, Legal and Finance leadership teams that provide security program alignment with compliance requirements.
- Responsible for information risk management, collaborative design of information security controls, assessment of effective implementation of applicable controls, including identity and access management.
- Staying current on evolving regulatory environments, security threats, and compliance best practices, and updating policies and procedures accordingly.
- Responsible for maintaining and improving information security awareness in the organization.
- Translating business and information security needs and integrating these with the ISMS.
- Coordinating external audit engagements with 3PAO, ISO/SOC auditors, PCI DSS QSA firms and other security assessors, including coordinating responses and remediation efforts.
- Conducting vendor risk assessments and ensuring third-party compliance with security and privacy standards.
- Reviewing and monitoring the activities of the Security Incident Response and Business Continuity Management teams to ensure that the information security controls are used effectively during the complete life cycle of business continuity and disaster recovery response.
- Managing the recurring measurement of the effectiveness of ISMS controls implemented and communicate findings with senior management.
- Enforcing document control management processes for the Information Security Management System.
- Assisting with forecasting, planning and risk assessment relevant to evolving security control coverage in alignment with the company’s technology strategy.
- Maintaining and applying current industry knowledge and best practices.
- Researching and recommending use of new technologies.
- Project management including analysis of business requirements, creating and updating project plans, and tracking projects to successful completion.
- Assisting with vendor management, forecasting and program budget management.
- Managing personnel including mentoring and cross-training of team members to achieve business objectives.
Requirements:
- US Citizenship
- 10+ years of hands-on experience in IT audit and/or compliance
- Strong documentation and communication skills
- Strong understanding of security standards and frameworks including ISO27000 series, NIST Special Publication 800 series, SOC audits, and security requirements of Data Privacy laws
- Previous experience gaining an ATO or P-ATO for a cloud implementation under the FedRAMP, GovRAMP or IL-4 programs
- Understanding of software development lifecycle methodologies, cloud and server infrastructure, network technologies
- Experience managing security staff, collaboration and relationship building with global teams
- Current CISA, CISM, CISSP or equivalent certification is strongly preferred
Benefits:
- Health insurance
- Professional development opportunities
Similar Jobs
Health, Safety & Compliance Manager
Health & Safety Manager overseeing compliance and safety across UK fertiliser manufacturers. Leading a team in providing expertise and support to ensure health and safety regulations are met.
Regulatory Compliance Analyst II
Regulatory Compliance Analyst II responsible for credentialing, business licenses, and compliance submissions at Hanger. Collaborating with teams to ensure timely submissions and adherence to regulatory requirements.
Regulatory Licensing & Reporting Specialist
Regulatory Licensing & Reporting Specialist at Breeze, coordinating U.S. money transmitter licensing and regulatory reporting obligations in a dynamic fintech environment.
Compliance Analyst II – Healthcare Experience Required
Compliance Analyst II supporting CareSource's Compliance Program by overseeing high risk areas. Collaborating with business owners to ensure effective implementation of compliance regulations.
Compliance Analyst II
Compliance Analyst II overseeing high risk areas and ensuring compliance program effectiveness. Collaborating with stakeholders and analyzing data for compliance needs in healthcare sector.
Vice President, Government, Regulatory and Public Affairs
Vice President leading Government, Regulatory, and Public Affairs at Modivcare; advocating for company policy priorities while managing a team.
Manager, Compliance Automation, Optimization
Manager of Compliance Automation and Optimization at Wealthsimple, transforming compliance and legal workflows while driving innovation and data-driven decisions.
Manager, GRC Programs
Manager of GRC Programs leading operational execution of Governance, Risk, and Compliance at ZOLL Medical Corporation. Overseeing GRC programs and enhancing security processes within the organization.
Director, Compliance
Director of Compliance at Pearce Services ensuring NERC, FERC, and ERCOT compliance. Leading audits and regulatory filings to support operational reliability.
Head of Compliance, MLRO
Head of Compliance & MLRO at Incard ensuring regulatory excellence in the Netherlands and building a financial crime framework. Leading the EMI licensing journey with DNB and overseeing compliance operations.
Senior Fraud Prevention Analyst – Governance & Regulatory
Senior Fraud Prevention Analyst ensuring regulatory compliance within the fintech sector. Connects compliance with fraud prevention strategies and regulatory bodies.
RA Labeling Compliance Lead
RA Labeling Compliance and Business Solutions Lead at BD overseeing eIFU processes and engaging stakeholders across global teams. Responsible for ensuring compliance and managing labeling technology solutions.
Associate Manager, Regulatory Affairs
Associate Manager in Regulatory Affairs at BeOne managing timely regulatory submissions for drug approvals, ensuring compliance and collaborating with cross-functional teams.
Compliance Manager
Junior Compliance Manager ensuring compliance of ad creatives with platform policies in a global digital marketing company. Collaborate with international teams for effective ad placement.
Senior Manager, Risk & Compliance
Sr Manager Risk & Compliance ensuring compliance in facility management for J&J across regions. Managing risks, compliance systems, and supporting internal audits in diverse operational environments.
Compliance Executive
Compliance Executive coordinating regulatory documentation and support for a Compliance team in a remote environment. Providing administrative support and maintaining accurate records in complex regulatory systems.
Chemical Regulatory Data Management
Chemical Regulatory Data Management role working on regulatory data for raw materials and products. Collaborating to ensure compliance and enhance safety across communities.
Trade Compliance Operations Coordinator
Trade Compliance Operations Coordinator handling Canadian customs adjustments and audits with a focus on regulatory accuracy and data management. Ensuring compliance with the Customs Act and CARM processes in a remote capacity.
Compliance Nurse, Manager
Manager, Compliance Nurse at Humana overseeing compliance in healthcare utilization management. Ensuring policy adherence and improving associate and member outcomes through innovative processes.
Cyber Audit and Compliance Specialist
Cyber Audit and Compliance Specialist at GDIT coordinating audits and remediation processes. Supporting executives and collaborating on compliance and corrective action plans.