Security Compliance Analyst

Security Compliance Analyst

Chennai or Bangalore, India 

The Opportunity:

Anthology offers the largest EdTech ecosystem on a global scale, supporting over 150 million users in 80 countries. Our mission is to provide dynamic, data-informed experiences to the global education community so that learners and educators can achieve their goals.

We believe in the power of a truly diverse and inclusive workforce. As we expand globally, we are committed to making diversity, inclusion, and belonging a foundational part of not only our hiring practices but who we are as a company.

For more information about Anthology and our career opportunities, please visit www.anthology.com. 

Anthology’s Information Security team leads the governance, risk, and compliance program to enhance and ensure the confidentiality, integrity, and availability of all corporate information systems and products. This team is a core part of Anthology, providing it substantial opportunities to influence the overall corporate mission and culture.

We are building a team focused on high impact collaboration with our partners across the corporation leveraging transparency, trust, and innovation to elevate Anthology security through partnership and teamwork. We are seeking to hire the best talent, leveraging their skills to augment the team, and providing support and training to foster well-rounded individuals positioned for ongoing career success.

As a Security Compliance Engineer, you will be a detail-oriented compliance professional with a desire to improve enterprise security through engagement with partners throughout the organization to ensure security policies, procedures and guidelines are communicated effectively, monitored for compliance, and reported accurately. You will report to the Senior Director of Governance, Risk and Compliance for the Information Security team.

Specific responsibilities will include:

• Assisting in the management of day-to-day operations of the Governance, Risk and Compliance department
• Supporting the security compliance program, ensuring the identification, tracking, prioritization, and remediation of all internal and external compliance requirements; supporting internal audit activities and remediation requirements
• Helping to identify opportunities and resolve challenges to improve the efficiency and implementation of internal controls and other regulatory requirements  
• Updating Anthology’s enterprise-wide security policies, standards, and procedures
• Assisting with the implementation of company-wide security awareness and education programs that are aligned with security policy, standards, regulatory requirements, and industry practices
• Performing internal audits in consultation with lead internal auditor
• Assisting in executing structured risk assessment of key products and services with focus on compliance with company policies, frameworks, and standards
• Conducting research on emerging products, services, protocols, and standards in support of security enhancements and development efforts
• Functioning as subject matter expert to respond to client security inquiries

The Candidate:

Required skills/qualifications:

• At least 3 years in Information Security Compliance, Audit, or Risk Management
• Sufficient experience in planning and conducting work requiring judgment and independent evaluation, selection, modification, and application of standard procedures and techniques
• Familiarity with and understanding of information security frameworks (NIST 800-53, ISO 27001, SOC2, CIS, PCI-DSS)
• Understanding of cloud-based technologies and related compliance requirements
• Understanding of secure development practices
• Ability to work independently and as part of a team

Preferred skills/qualifications:

• Experience participating in or conducting audits
• Knowledge of secure development methodologies, tools, and practices (OWASP Top Ten)
• Experience working with industry GRC tools

This job description is not designed to contain a comprehensive listing of activities, duties, or responsibilities that are required. Nothing in this job description restricts management's right to assign or reassign duties and responsibilities at any time.

Anthology is an equal employment opportunity/affirmative action employer and considers qualified applicants for employment without regard to race, gender, age, color, religion, national origin, marital status, disability, sexual orientation, gender identity/expression, protected military/veteran status, or any other legally protected factor.