Edtech.com's Summary

Anthology is hiring a Staff Governance, Risk & Compliance professional to manage and expand its Federal and State compliance programs. The role involves overseeing FedRAMP, DISA compliance workstreams, leading audit activities, ensuring regulatory adherence, and collaborating with cross-functional teams to maintain and enhance compliance readiness.

Highlights

Manage State and Federal regulatory compliance including FedRAMP, IL-4, CMMC, and GovRAMP standards.
Provide subject matter expertise on FedRAMP and NIST 800-53 compliance standards.
Lead external audit calendars, coordinate audits, and oversee corrective action plans.
Ensure execution of system vulnerability and penetration testing per government standards.
Maintain continuous monitoring and System Security Plan updates with document control.
Collaborate with technology and business stakeholders to improve compliance processes.
8+ years' experience in governance, risk management, compliance, and internal audit in technology environments required.
Must be a U.S. citizen with strong experience in FedRAMP Framework audit and compliance.
Preferred qualifications include SaaS experience, ATO/P-ATO achievement for cloud, ISO27001, PCI, SOC 2 exposure, and certifications like CISSP or CISA.
Expected salary range is $115,700 - $160,100 dependent on experience and budget.

Staff Governance, Risk & Compliance Full Description

Staff Governance, Risk & Compliance

Job Req: 4910
Community: Product
Location: United States
Date Posted: Nov 18, 2025
Remote Type: Remote

Job Description

Governance, Risk & Compliance, Staff

Remote – United States

The Opportunity:

Anthology offers the largest EdTech ecosystem on a global scale, supporting over 150 million users in 80 countries. Our mission is to provide dynamic, data-informed experiences to the global education community so that learners and educators can achieve their goals.

We believe in the power of a truly diverse and inclusive workforce. As we expand globally, we are committed to making diversity, inclusion, and belonging a foundational part of not only our hiring practices but who we are as a company.

For more information about Anthology and our career opportunities, please visit www.anthology.com.

The primary function of this role will be to manage the maintenance and expansion of Anthology’s Federal and State compliance programs. In addition to helping build Anthology’s State/FedRAMP portfolios, you will also be actively involved in the emerging DISA compliance-related (e.g., RMF, CMMC, DISA IL-4, etc.) workstreams. This role requires someone with prior FedRAMP and/or U.S. Government compliance experience. This position may supervise employees depending on the needs of the business.

Primary responsibilities will include:

Ensuring policies, practices, and procedures are understood and followed by direct reports, customers, and stakeholders
Responsible for State and Federal regulatory compliance (TX-, Gov-, FedRAMP, IL-4, CMMC) – Government Compliance – in consultation with the CISO, as well as Finance, Sales, and Legal teams
Providing subject matter expertise for FedRAMP and NIST 800-53 compliance standards and regulations
Owning management and execution of the external audit calendar in consultation with business processes and agency/state sponsors
Leading the completion of corrective and preventive actions for findings of Compliance audits and oversight of the Plan of Action and Milestones (POA&M) reporting process
Ensuring that systems vulnerability and penetration tests are executed per the State/Federal/Agency standards and results are clearly communicated to appropriate operational teams. Working with operational teams to re-assess remediated systems
Ensuring that continuous monitoring reporting is conducted, and the results made available to the applicable audience (FedRAMP, GovRAMP, DISA)
Ensuring annual reviews and updates of System Security Plans are conducted and enforcing the document control management process
Assisting in the identification of business process improvements and partnering with technology and business stakeholders to identify pragmatic approaches to compliance readiness and testing
Collaborating cross-functionally with technology and business stakeholders to drive, track, and resolve all aspects of Compliance readiness and audit execution
Assisting with forecasting, planning, and risk assessment relevant to expanding Compliance program in alignment with the company’s technology and sales strategies
Maintaining and applying current industry knowledge and best practices. Researching and recommending use of new technologies
Project management including analysis of business requirements, creating, and updating project plans, and tracking projects to successful completion
Mentoring and cross-training team members to achieve business objectives and foster a culture of accountability and ethical conduct
Developing metrics and dashboards for reporting on Regulatory Compliance programs

The Candidate:

Required skills/qualifications:

US Citizen
Effective organization, follow-up, and time management skills
8+ years of demonstrated experience in governance, risk management, compliance, and internal audit within a technology-driven environment
Strong documentation and communication skills
A recent hands-on concentration of work with the FedRAMP Framework (audit and compliance experience)
Strong background with NIST Risk Management Framework (SP 800-53) and a broad range of skills in the fields of NIST publications, FedRAMP requirements
Experience with control assessments and coordination of audit activities
Experience managing and achieving authorizations under FedRAMP program
Experiencing managing security staff, collaboration and relationship building with global teams
Ability to work both independently and within a global team environment
Ability to develop and foster strong relationships with technology and business stakeholders
Strong writing ability with a focus on communication of technical topics
Fluency in written and spoken English

Preferred skills/qualifications:

Previous experience at a SaaS company in a similar role
Previous experience gaining an ATO or P-ATO for a cloud implementation
Exposure to ISO27001, PCI, SOC 2
Industry standard certifications (CISSP, CISA, ISO 27001 Lead Implementer/Auditor)
Understanding of software development lifecycle methodologies, cloud and server infrastructure, LAN/WAN networking, VPN, and wireless networking infrastructures
Bachelor's Degree in Information Technology, Business, or related vocations

While the full salary range for this role is $115,700 - $173,500 the expected hiring range for this opening is $115,700 - $160,100, depending on experience and budget availability. We use national and industry-specific survey data to assist in determining compensation. Additionally, we consider factors such as external market rate, budget for the role, and the compensation rates of current employees performing the same function. Some roles will have variable pay.

This job description is not designed to contain a comprehensive listing of activities, duties, or responsibilities that are required. Nothing in this job description restricts management's right to assign or reassign duties and responsibilities at any time.

Anthology is an equal employment opportunity/affirmative action employer and considers qualified applicants for employment without regard to race, gender, age, color, religion, national origin, marital status, disability, sexual orientation, gender identity/expression, protected military/veteran status, or any other legally protected factor.

Original Job Description

Staff Governance, Risk & Compliance

Job Req: 4910
Community: Product
Location: United States
Date Posted: Nov 18, 2025
Remote Type: Remote

Job Description

Governance, Risk & Compliance, Staff

Remote – United States

The Opportunity:

For more information about Anthology and our career opportunities, please visit www.anthology.com.

Primary responsibilities will include:

Ensuring policies, practices, and procedures are understood and followed by direct reports, customers, and stakeholders
Responsible for State and Federal regulatory compliance (TX-, Gov-, FedRAMP, IL-4, CMMC) – Government Compliance – in consultation with the CISO, as well as Finance, Sales, and Legal teams
Providing subject matter expertise for FedRAMP and NIST 800-53 compliance standards and regulations
Owning management and execution of the external audit calendar in consultation with business processes and agency/state sponsors
Leading the completion of corrective and preventive actions for findings of Compliance audits and oversight of the Plan of Action and Milestones (POA&M) reporting process
Ensuring that systems vulnerability and penetration tests are executed per the State/Federal/Agency standards and results are clearly communicated to appropriate operational teams. Working with operational teams to re-assess remediated systems
Ensuring that continuous monitoring reporting is conducted, and the results made available to the applicable audience (FedRAMP, GovRAMP, DISA)
Ensuring annual reviews and updates of System Security Plans are conducted and enforcing the document control management process
Assisting in the identification of business process improvements and partnering with technology and business stakeholders to identify pragmatic approaches to compliance readiness and testing
Collaborating cross-functionally with technology and business stakeholders to drive, track, and resolve all aspects of Compliance readiness and audit execution
Assisting with forecasting, planning, and risk assessment relevant to expanding Compliance program in alignment with the company’s technology and sales strategies
Maintaining and applying current industry knowledge and best practices. Researching and recommending use of new technologies
Project management including analysis of business requirements, creating, and updating project plans, and tracking projects to successful completion
Mentoring and cross-training team members to achieve business objectives and foster a culture of accountability and ethical conduct
Developing metrics and dashboards for reporting on Regulatory Compliance programs

The Candidate:

Required skills/qualifications:

US Citizen
Effective organization, follow-up, and time management skills
8+ years of demonstrated experience in governance, risk management, compliance, and internal audit within a technology-driven environment
Strong documentation and communication skills
A recent hands-on concentration of work with the FedRAMP Framework (audit and compliance experience)
Strong background with NIST Risk Management Framework (SP 800-53) and a broad range of skills in the fields of NIST publications, FedRAMP requirements
Experience with control assessments and coordination of audit activities
Experience managing and achieving authorizations under FedRAMP program
Experiencing managing security staff, collaboration and relationship building with global teams
Ability to work both independently and within a global team environment
Ability to develop and foster strong relationships with technology and business stakeholders
Strong writing ability with a focus on communication of technical topics
Fluency in written and spoken English

Preferred skills/qualifications:

Previous experience at a SaaS company in a similar role
Previous experience gaining an ATO or P-ATO for a cloud implementation
Exposure to ISO27001, PCI, SOC 2
Industry standard certifications (CISSP, CISA, ISO 27001 Lead Implementer/Auditor)
Understanding of software development lifecycle methodologies, cloud and server infrastructure, LAN/WAN networking, VPN, and wireless networking infrastructures
Bachelor's Degree in Information Technology, Business, or related vocations

Let me find your next job.

Thanks - you're signed up.

Staff Governance, Risk & Compliance

Edtech.com's Summary

Staff Governance, Risk & Compliance Full Description

Staff Governance, Risk & Compliance

Capstone Mentor

Capstone Mentor Software & Technology

Capstone Mentor STEM

Senior Director Post Award Grant Management

Assistant Dean of Medical Curriculum, Office of Medical Education