Security Compliance Engineer

Security Compliance Engineer
Chennai or Bangalore, India
 

The Opportunity:

Anthology offers the largest EdTech ecosystem on a global scale, supporting over 150 million users in 80 countries. Our mission is to provide dynamic, data-informed experiences to the global education community so that learners and educators can achieve their goals.

We believe in the power of a truly diverse and inclusive workforce. As we expand globally, we are committed to making diversity, inclusion, and belonging a foundational part of not only our hiring practices but who we are as a company.

For more information about Anthology and our career opportunities, please visit www.anthology.com.

Anthology’s Information Security team leads the governance, risk, and compliance program to enhance and ensure the confidentiality, integrity, and availability of all corporate information systems and products. This team is a core part of Anthology, providing it substantial opportunities to influence the overall corporate mission and culture.

We are building a team focused on high impact collaboration with our partners across the corporation leveraging transparency, trust, and innovation to elevate Anthology security through partnership and teamwork. We are seeking to hire the best talent, leveraging their skills to augment the team, and providing support and training to foster well-rounded individuals positioned for ongoing career success.

As a Security Compliance Engineer, you will be a detail-oriented compliance professional with a desire to improve enterprise security through engagement with partners throughout the organization to ensure security policies, procedures and guidelines are communicated effectively, monitored for compliance, and reported accurately. You will report to the Director of Governance, Risk and Compliance for the Information Security team.

Specific responsibilities will include:

• Developing Anthology’s enterprise-wide security policies and procedures
• Enforcing policies, procedures, and guidelines
• Assessing the need for security re-configurations
• Keeping current with emerging security alerts and issues
• Conducting research on emerging products, services, protocols, and standards in support of security enhancements and development efforts
• Owning the design, development, and implementation of controls created in response to identified risks
• Advancing enterprise security through customization of systems, automation of processes, and collaboration with product teams
• Developing and enhancing the Anthology training and awareness program
• Participating in external audit activities (e.g., evidence collection, communication, project management)
• Gaining exposure to Application Security and Security Engineering projects
• Functioning as subject matter expert to respond to client security inquiries
• Mentoring and cross-training of junior team members to achieve business objectives

The Candidate:

Required skills/qualifications:

• At least 3 years in Information Security Compliance or Audit
• Sufficient experience in planning and conducting work requiring judgment and independent evaluation, selection, modification, and application of standard procedures and techniques
• Familiarity with and understanding of information security frameworks (NIST 800-53, ISO 27001, SOC2, CIS, PCI-DSS)
• Understanding of cloud-based technology compliance requirements
• Understanding of secure development practices

Preferred skills/qualifications:

• Experience participating in or conducting audits
• Knowledge of secure development methodologies, tools, and practices (OWASP Top Ten)
• Experience working with industry GRC tools

 
This job description is not designed to contain a comprehensive listing of activities, duties, or responsibilities that are required. Nothing in this job description restricts management's right to assign or reassign duties and responsibilities at any time.

Anthology is an equal employment opportunity/affirmative action employer and considers qualified applicants for employment without regard to race, gender, age, color, religion, national origin, marital status, disability, sexual orientation, gender identity/expression, protected military/veteran status, or any other legally protected factor.