Security Compliance Manager - Moodle US

Tech Stack

COMPLIANCE
SECURITY
WORKPLACE
RISK
PROGRAMS
WORLD
MANAGER
SUPPORT
IMPROVE
STAKEHOLDERS

Job Description

Moodle with us!

We're the world's most popular learning platform and we’re on a mission to empower educators to improve our world.Find out about your new workplace...Moodle is the world’s most trusted online learning solution.

The engine of our ecosystem is Moodle LMS, the secure and customizable open source learning management platform used by over 250 million learners worldwide.

Developed in conjunction with our community, Moodle LMS is complemented by an ecosystem of products including Moodle Workplace and a network of partners and services providing hosting, customizations and support.

We also teach and support educators to create effective online learning experiences and share open education resources.

Collectively, we empower educators to improve our world.Moodle US, a newly formed US-based services division of Moodle Pty, provides services in learning design, implementation support, training, hosting, custom development, and support for Moodle LMS, Moodle Workplace, as well as other Moodle products.We’ve built a passionate team of hard-working and driven people from all over the world, united by a shared belief in the ability of our platform to make a positive difference to our world.

We respect our colleagues and value an open and innovative workplace, filled with integrity and of course a strong focus on education (yes, these are our company values!)Find out more about us on our website.What your new role can look like…The Security Compliance Manager monitors activities obligated by the organization's framework requirements and governance practices.

The individual supports the development and implementation of the security compliance programs, policies, auditing, and reporting practices for framework certification.

They will ensure that the organization is in alignment with the relevant industry frameworks and standards, and proactively identifies and mitigates any compliance risks or gaps.

The Compliance Manager also oversees the compliance audits, assessments, and remediation plans, and communicates effectively with internal and external stakeholders on the compliance status and issues.

Please note, as this role will be deeply involved in our Fed RAMP certification process, the individual hired must be a US person (citizen or legal permanent resident).

They may be residing outside of the United States.

Additional responsibilities involving global projects will require availability to meet with global stakeholders during alternative time zone working hours.

Therefore, residence in UK or Europe may be preferred.

With the pace of Moodle, no two days will ever be the same!

You will...

Develop, implement and maintain security compliance programs for the global organization, including SOC 2, FedRAMP, and ISO 27001. This involves policy, process and technologies, and ensuring continuous compliance of active certifications.

Help inform and improve the company’s global Governance Risk and Compliance Program where applicable.

Create and oversee security policies and procedures as necessary for compliance success.

Support adjacent teams where necessary.

Perform routine analysis to proactively identify and mitigate compliance risk to the organization within the established Risk Tolerance and Risk Appetite Statements.

Continuously monitor the security industry to remain current in approved regulations / statutory / frameworks and solutions for the Information Security Department.

Upon request, conduct a comprehensive assessment of select regulations / statutory / frameworks; providing a summary report and associated analysis material to inform business strategy requirements.

Continuously monitor, audit, evaluate and improve the technical controls under administration by this position.

Establish performance indexes (KPI, OKR, KRI, etc) and other risk metrics for quantitative measurement.

Conduct training sessions and workshops to educate employees about the latest information security and compliance policy updates and/or recommendations.

Routinely interface with stakeholders and leaders for successful delivery of all services and programs under administration by this position.

Be solutions oriented, highly organized and self motivated, with the ability to prioritize and achieve tight deadlines.