Staff Governance, Risk, and Compliance Engineer

United StatesRemotelead

Legal & ComplianceOtherCompliance EngineerCompliance

0 views0 saves0 applied

Apply Now

Quick Summary

Overview

Staff Governance, Risk & Compliance Engineer Remote - United States About the Role The primary function of this role will be to manage the maintenance and expansion of Anthology’s Federal and State compliance programs.

Key Responsibilities

Ensuring policies, practices, and procedures are understood and followed by direct reports, customers, and stakeholders Responsible for State and Federal regulatory compliance (TX-, Gov-, FedRAMP, IL-4, CMMC) – Government Compliance – in…

Technical Tools

forecastingmentoringnetworkingproject-managementsaas

Staff Governance, Risk & Compliance Engineer

Remote - United States

About the Role

The primary function of this role will be to manage the maintenance and expansion of Anthology’s Federal and State compliance programs. In addition to helping build Blackboard’s State/FedRAMP portfolios, you will also be actively involved in the emerging DISA compliance-related (e.g., RMF, CMMC, DISA IL-4, etc.) workstreams. This role requires someone with prior FedRAMP and/or U.S. Government compliance experience. This position may supervise employees depending on the needs of the business.

Responsibilities

Ensuring policies, practices, and procedures are understood and followed by direct reports, customers, and stakeholders
Responsible for State and Federal regulatory compliance (TX-, Gov-, FedRAMP, IL-4, CMMC) – Government Compliance – in consultation with the CISO, as well as Finance, Sales, and Legal teams
Providing subject matter expertise for FedRAMP and NIST 800-53 compliance standards and regulations
Owning management and execution of the external audit calendar in consultation with business processes and agency/state sponsors
Leading the completion of corrective and preventive actions for findings of Compliance audits and oversight of the Plan of Action and Milestones (POA&M) reporting process
Ensuring that systems vulnerability and penetration tests are executed per the State/Federal/Agency standards and results are clearly communicated to appropriate operational teams. Working with operational teams to re-assess remediated systems
Ensuring that continuous monitoring reporting is conducted, and the results made available to the applicable audience (FedRAMP, GovRAMP, DISA)
Ensuring annual reviews and updates of System Security Plans are conducted and enforcing the document control management process
Assisting in the identification of business process improvements and partnering with technology and business stakeholders to identify pragmatic approaches to compliance readiness and testing
Collaborating cross-functionally with technology and business stakeholders to drive, track, and resolve all aspects of Compliance readiness and audit execution
Assisting with forecasting, planning, and risk assessment relevant to expanding Compliance program in alignment with the company’s technology and sales strategies
Maintaining and applying current industry knowledge and best practices. Researching and recommending use of new technologies
Project management including analysis of business requirements, creating, and updating project plans, and tracking projects to successful completion
Mentoring and cross-training team members to achieve business objectives and foster a culture of accountability and ethical conduct
Developing metrics and dashboards for reporting on Regulatory Compliance programs

Required Skills and Experience

US Citizen
Effective organization, follow-up, and time management skills
8+ years of demonstrated experience in governance, risk management, compliance, and internal audit within a technology-driven environment
Strong documentation and communication skills
A recent hands-on concentration of work with the FedRAMP Framework (audit and compliance experience)
Strong background with NIST Risk Management Framework (SP 800-53) and a broad range of skills in the fields of NIST publications, FedRAMP requirements
Experience with control assessments and coordination of audit activities
Experience managing and achieving authorizations under FedRAMP program
Ability to work both independently and within a global team environment
Ability to develop and foster strong relationships with technology and business stakeholders
Strong writing ability with a focus on communication of technical topics
Fluency in written and spoken English

Preferred Skills and Experience

Previous experience at a SaaS company in a similar role
Previous experience gaining an ATO or P-ATO for a cloud implementation
Exposure to ISO27001, PCI, SOC 2
Industry standard certifications (CISSP, CISA, ISO 27001 Lead Implementer/Auditor)
Understanding of software development lifecycle methodologies, cloud and server infrastructure, LAN/WAN networking, VPN, and wireless networking infrastructures
Bachelor's Degree in Information Technology, Business, or related vocations

About Blackboard

Blackboard advances teaching excellence and unlocks the full potential of technology to deliver meaningful outcomes. We empower institutions to deepen connections between educators and learners, inspire engagement, and drive long-term academic success across the full learner journey.  For more information, please visit www.blackboard.com.

The expected salary range for this position is $115,700 - $160,100. The range reflects base salary only and does not include additional compensation such as company bonus or benefits. Placement within the pay range will depend on a variety of factors, such as experience, skills, internal parity, and location.

Candidates must be legally authorized to work in the country where the role is based at the time of hire and must maintain that authorization for the duration of employment. The company does not provide visa sponsorship or immigration support for this position.

This job description is not designed to contain a comprehensive listing of activities, duties, or responsibilities that are required. Nothing in this job description restricts management's right to assign or reassign duties and responsibilities at any time.    

Blackboard is an equal employment opportunity/affirmative action employer and considers qualified applicants for employment without regard to race, gender, age, color, religion, national origin, marital status, disability, sexual orientation, gender identity/expression, protected military/veteran status, or any other legally protected factor.