This job has expired, please see additional jobs below
Lead Information Security Compliance Specialist
Houghton Mifflin Harcourt
Boston, MA, United States
Job Details - this job has expired, please see similar jobs below
Changing People's Lives by Fostering Passionate, Curious Learners
It's not just our mission; it's our passion. As a global learning company, Houghton Mifflin Harcourt (HMH) specializes in pre-K–12 education content, services and cutting-edge technology solutions for today’s changing landscape.
HMH creates engaging, dynamic and effective educational content and experiences from early childhood to K-12 and beyond the classroom, serving more than 50 million students in more than 150 countries.
We’re looking for an experienced Lead Information Security Compliance Specialist to join our Technology Group, a dynamic team of technology professionals dedicated to the nimble delivery of quality educational content for a digital age. Not your traditional IT house, the Technology Group actively partners across HMH to develop applications and platforms across a diverse range of digital channels and devotes itself to identifying and implementing digital solutions that meet the challenges facing students, teachers, parents and lifelong learners today, both inside and outside the classroom.
Our security team works to provide continuous improvements through prevention, detection, processes, and policies for customer and company information to maintain privacy and security. In this role, you will have authority and the independence to demonstrate your skills including but not limited to:
• Security Hygiene Measurement & Monitoring
• Developing Information Security Policies & Procedures
• Customer Contract Security Review
• Vendor Security Assessments
The Lead Information Security Compliance Specialist will report to HMH’s Chief Information Security Officer and will work closely with the other leads from Security, IT, legal and other business units to implement practices that meet defined policies and standards for information security. The ideal candidate will have a strong background and technical knowledge of information security and the capability to understand complex business and technical processes.
Job Responsibilities:
• Establish and execute compliance monitoring programs around information technology operations and security including support for Safe Harbor, SOC and SOX, and similar requirements for our global business.
• Evaluate internal control structures using established frameworks (i.e. CIS, NIST 800-53) to help identify weaknesses and associated risks in technical operations.
• Define and write policies, procedures and programmatic requirements that promote ongoing awareness of risks/controls/process.
• Execute remediation and response mechanisms to address audit recommendations and observations.
• Create monitoring activities to drive proactive assessment of all information technology areas.
• Provide guidance to Customer Contracts function to ensure contractual information security compliance
• Drive all aspects of Information Security vendor assessments which include organizing and conducting vendor Information Security assessments (i.e. questionnaires, third party security audit reports, onsite assessments, etc.).
• Assess completed questionnaires and supporting materials to ensure vendor’s responses are complete.
• Provide recommendations based on Vendor Assessments.
Education and Experience:
• BA or BS in technology or related field, or equivalent work experience
• with 3+ years in an IT security, IT operational, and/or IT audit/compliance role including controls definition, implementation, monitoring and process improvement
• Experience managing one or more technology-centric audits including PCI, ISO 27001, SSAE16, and/or SOC
Preferred experience:
1. Use and improvement of process and controls via internal tools including Jira, Confluence, etc.
2. Project Management experience preferred
3. Knowledge of information security standards preferred
4. Knowledge of technical aspects of data security preferred
ABOUT US:
Houghton Mifflin Harcourt (NASDAQ:HMHC) is a global learning company dedicated to changing people’s lives by fostering passionate, curious learners. As a leading provider of pre-K–12 education content, services, and cutting-edge technology solutions across a variety of media, HMH enables learning in a changing landscape. HMH is uniquely positioned to create engaging and effective educational content and experiences from early childhood to beyond the classroom. HMH serves more than 50 million students in over 150 countries worldwide, while its award-winning children's books, novels, non-fiction, and reference titles are enjoyed by readers throughout the world.
PLEASE NOTE:
Houghton Mifflin Harcourt is an equal employment opportunity employer and participates in E-Verify. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of gender, race/ethnicity, gender identity, sexual orientation, protected veteran status, disability, or other protected group status.