Information Security & Compliance Manager (remote)
Company: Respondus
Location: Boston
Posted on: June 25, 2022
Job Description:
About Respondus
Respondus is a leading developer of assessment
applications for higher education and K-12 schools and districts.
Our applications make it easy to create online exams,
self-assessments, and learning games. We also make powerful tools
that protect the integrity of online exams.

Why join us? Our work matters - assessments help educators know
what students are learning. It's at the beginning, middle, and end
of the education process.

Thousands of universities, K-12 districts, publishers, and testing
centers use our applications to deliver 120 million assessments
annually. We've been leaders in the education industry for over 20
years and are a growing, profitable business that is laser-focused
on customers. Nearly all our revenue is recurrent (which means
institutions pay us an annual fee to use it) and we have no debt or
outside investors. This lets us concentrate on long-term growth
that is customer-focused.

We are currently only reviewing applicants residing in Arizona,
Arkansas, Colorado, Massachusetts, Montana, New York, South
Carolina, Texas, Virginia and Washington.

About the Role
Are you a seasoned security professional passionate
about compliance, security, and risk management? Read on!

We are looking for an Information Security & Compliance Manager who
has a deep understanding of compliance and risk management in the
SaaS landscape. In this role, you'll partner with our Data Privacy
Officer, Technical and Executive teams to build out and maintain
our information security compliance program. This is a key role in
driving our Security, Risk, and Compliance posture.

Responsibilities:
- Support Respondus' security & compliance projects and audits
  (e.g., TX-RAMP, SOC 2, HECVAT, and others)
- Work with teams such as Data Privacy, IT, R&D, Legal, and HR to
  ensure audit readiness and security compliance across the
  organization
- Communicate progress, escalations, and issue resolution to
  management and team members
- Help mature the security compliance program by facilitating
  internal control deliverables; conduct internal monitoring and
  auditing; determine compliance metrics and a tracking system.
- Conduct vendor risk assessments, including new vendors and
  periodic reviews of existing vendors
- Lead for vendor security information requests from Respondus
  customers
- Coordinate periodic review of company policies and procedures;
  assist with content as needed
- Facilitate management risk assessment and periodic Business
  Continuity/Disaster Recovery tests; manage Incident Response event
  records

Requirements:
- Bachelor's or master's degree in a technical field (Computer
  Science, Cybersecurity, etc.) or equivalent experience. Ability to
  understand and communicate technical concepts is a must.
- 3+ years of relevant work experience in a security compliance role
- CISSP, CISM, or other relevant security certifications strongly
  preferred
- Experience in and understanding of at least two of the following
  security frameworks: ISO 27001, SOC 2, NIST 800-53, PCI-DSS,
  HITRUST. A role directly involved in SOC 2 or NIST-based
  certification preferred, FedRAMP experience is a plus. Have a
  working knowledge of data protection regulations.
- Audit experience
- Strong understanding of the business impact of security tools,
  processes and policies as well as high proficiency in how to
  assess risk and business impact.
- Able to develop internal standards to maintain compliance with
  security frameworks
- Excellent interpersonal communication, teamwork, and project
  management skills
- Strong personal integrity, accountability, and ability to take
  ownership of specific projects and action items
- Strong written and verbal communication skills with the proven
  ability to translate security compliance needs to business and
  technical groups (internal / external)
- Able to foster a collaborative and respectful working environment

And if these statements describe you, please apply:
- Innately curious, process-oriented, data-driven, and take pride in
  owning and improving your area of work
- Confirmed ability to operate effectively and autonomously in
  situations of ambiguity, with only high-level direction

More Information
This position is full-time remote from state of residence and
requires a work environment that is free of distractions.
Flexibility is required to accommodate meetings with staff on both
coasts of the United States. You must live in one of the states
listed above.

Salary is competitive and will be commensurate with experience. We
also have a company-paid health plan, vacation package, a matching
401(k) plan, and a bonus plan.

As an equal opportunity employer, Respondus is committed to a
diverse workforce. Employment decisions regarding recruitment and
selection will be made without discrimination based on race, color,
religion, national origin, gender, age, sexual orientation,
physical or mental disability, gender identity and expression,
veteran status, or other non-job-related characteristics or other
prohibited grounds specified in applicable federal, state and local
laws. However, we cannot hire anyone who needs visa sponsorship.

Next Steps
If you are interested in this position, please send
a cover letter by email to jobs@respondus.com along with your
resume.

We place high importance on the cover letter. It's our
first step in evaluating your interest in this particular position,
and who you are as a person.