Security Compliance Analyst (SOC 2 Experience) - Temporary Position - Moodle

Job Description

Moodle with us!

We're the world's most popular learning platform and we’re on a mission to empower educators to improve our world.

Find out about your new workplace...

Moodle is the world’s most trusted online learning solution. The engine of our ecosystem is Moodle LMS, the secure and customizable open source learning management platform used by over 250 million learners worldwide. Developed in conjunction with our community, Moodle LMS is complemented by an ecosystem of products including Moodle Workplace and a network of partners and services providing hosting, customizations and support. We also teach and support educators to create effective online learning experiences and share open education resources. Collectively, we empower educators to improve our world.

Moodle US, a newly formed US-based services division of Moodle Pty, provides services in learning design, implementation support, training, hosting, custom development, and support for Moodle LMS, Moodle Workplace, as well as other Moodle products.

We’ve built a passionate team of hard-working and driven people from all over the world, united by a shared belief in the ability of our platform to make a positive difference to our world. We respect our colleagues and value an open and innovative workplace, filled with integrity and of course a strong focus on education (yes, these are our company values!)

Find out more about us on our website.

What your new role can look like…

The Security Compliance Analyst main function is to work within the Information Security department to support our SOC 2 recertification process. They will serve as subject matter expert on gathering or generating evidence, and manage the process with the auditors, including communicating across departments to respond to auditor requests. Additionally, they will provide quantitative risk assessment, threat and vulnerability assessment practices as needed. The individual will maintain the company’s Risk Management Program.

This is a short-term role (expected 6-8 weeks), for maternity leave coverage. Ideal for a consultant. Future opportunities may be available based on successful work.

With the pace of Moodle, no two days will ever be the same! You will...

  • Manage the SOC 2 recertification process, working closely with our Information Security Officer and external auditors to ensure a successful outcome.
  • Lead an internal audit to proactively collect and generate necessary evidence to provide for recertification process, or at auditor's request.
  • Maintain the global cyber risk quantification program, and vendor risk management program; performing risk analysis studies to inform business strategy and maintain acceptable protection of an organization's assets as needed.
  • Manages the global incident response program, from initiation to conclusion and documentation.
  • Assesses the nature of the incident, determines what resources are needed, and coordinates all efforts to resolve the situation and restore service.
  • Routinely interface with stakeholders and leaders in support of the Information Security Officer.
  • Be solutions oriented, highly organized and self-motivated, with the ability to prioritize and achieve tight deadlines.

Requirements

This position embodies and promotes the department’s mission, goals and values:

Mission:

  • To reduce the probability of material impact due to a cyber event

Goals:

  • Support: Support the company strategy and objectives
  • Protect: Protect the critical assets including reputation 
  • Comply: Comply with laws, regulations and industry standards 
  • Enable: Enhance company competitive position by securely supporting and enabling new products / services 
  • Educate: Effectively promote information security education 

Values

  • Honesty
  • Integrity
  • Accountability
  • Collaboration
  • Continuous Improvement

We’d love to hear from you, especially if you can talk to us about your:

  • Strong understanding of the SOC 2 framework, certification requirements, and auditing practices.
  • Experience with participating in SOC 2 audits, collecting evidence, and interfacing with external auditors.
  • Experience with Drata, Vanta, or another Cloud Compliance Platform.
  • Experience with security assessment practices.
  • Strong understanding of information security concepts and principles.
  • Practicing meticulous attention to detail.
  • Excellent communication and interpersonal skills.
  • Ability to work independently and as part of a team.
  • Proficiency in data analysis and reporting.

You’ll sweep us off our feet if you have:

  • Incident Response Handling
  • Cyber Vulnerability Management

Benefits

What's in it for you?

We’ve already talked about the importance we place on achieving our mission to empower educators to improve our world, our passion for our values and some of the cool things we are doing as a company.

So what about this?!

  • Fully remote opportunity, working from home or wherever suits you
  • Flexible work schedule
  • Supportive, passionate, and fun team
  • Culture that fosters personal growth and development
  • This role can be set up as a contractor consulting position or a short-term employee, depending on most suitable arrangement for chosen candidate.
  • If direct employee, you will be eligible for a benefits package, including health insurance coverage, employer 401(k) contribution, paid time off, group term life, and much more. For more information, visit our Career's Page.
  • Pay range is $30-$35 per hour depending on abilities and experience

Moodle US is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind: Moodle US is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Moodle US are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Moodle will not tolerate discrimination or harassment based on any of these characteristics. Moodle encourages applicants of all ages.