About ETS:

For more than 75 years, we have amplified products and services based rigorous research and our belief in the power of learning. Driven by our mission to advance quality and equity in education, ETS provides learning solutions, pioneering research and trusted assessments that help guide learners around the world on their path to new possibilities.

Our portfolio of trusted measures include

TOEFL®, TOEIC®, GRE® and Praxis®

. Along with research, development and innovation that explores new frontiers in learning and measurement our educational measurement solutions and research contribute to the development of new methods and tools, inform important dialogue with education policymakers, and shed light on critical issues and potential solutions - all with the aim of creating a world where all learners can improve their lives through education.

With new senior leadership at the helm, ETS aims to continue changing the lives of all learners as we expand our organization's global footprint. Our goal is to remain at the forefront of assessment and measurement efficacy within the education and ed tech space as it continues to grow and evolve.

Position Summary:

The Security GRC Analyst develops and implements policies, controls, and procedures to protect information system assets from intentional or inadvertent modification, disclosure, or destruction. Provides guidance and direction for the protection of information systems and assets to other business units. Proactively assesses third parties that ETS works with to ensure the confidentiality and security of ETS data. Monitors the effectiveness of data security measures and provides support on information security issues, systems, processes, products, and services. Identifies elements to support strategic security objectives across the enterprise and actively promotes security awareness.

Responsibilities

:

• Evaluation of security risks and compliance with security policies

• Collect, evaluate, and compile risk-related data and create actionable plans to address risks and threats.

• Contribute to the development and revision of information security policies, standards, and procedures.

• Perform periodic security assessments on third party vendors and ensure that security risks with the potential of causing material harm are properly documented.

• Assist in the development and reporting of the corporate Risk Register for executive leadership review.

• Execute Security Awareness program including periodic user education and anti-phishing campaigns.

• Support compliance assurance activities for required industry frameworks and regulatory standards (e.g., SOC 2, NIST 800-53, NIST CSF, and ISO 27001).

• Work across various business areas to evaluate whether security risks to the company are identified and minimized and acceptable internal controls and procedures are followed.

• Collaborate with technical teams (e.g., corporate compliance, internal audit, project management office) during the strategic planning and implementation of new business initiatives.

• Ensure that user access to information assets is provisioned, managed, and terminated as required.

• Maintain documentation of security standards, procedures, processes, and guidelines.

Knowledge/Skills:

Knowledge of:

• Applicable information security management, governance, and compliance principles, practices, laws, rules, and regulations.

• Information technology systems and processes, network infrastructure, data architecture, data processes, and protocols.

• Cyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration.

• Information systems auditing, monitoring, controlling, and assessment process.

• Incident response management.

• Risk assessment and management methodology, especially the FAIR framework.

Skills in:

• Developing and implementing enterprise governance, risk, and compliance strategy and solutions.

• Researching and locating information related to internal and external organizations using online and other sources.

• Defining problems, collecting, and analyzing data, establishing facts, and drawing valid conclusions.

• Using judgment and ingenuity in maintaining objectives and technical standards.

Education, Certifications, or Special Licenses:

• 3+ years of Information Security experience

• Experience with host and network security technologies such as firewalls, proxies, and operating systems.

• Knowledge of application and network security.

• Experience communicating the business impact of technical information.

• Ability to manage timelines and meet tight deadlines.

• Detail oriented with excellent oral and written communication skills.

• Manage and prioritize multiple tasks.

• Excellent interpersonal skills needed to work with various levels of technical and managerial staff members.

• Self-motivated, constructive, and positive attitude

#LI-NA1

#LI-REMOTE

ETS believes in a Total Rewards philosophy for our employees, and they include:

• Health, Vision, Dental insurance plans to choose from

• Generous continuous learning support, from individual learning grants to up to 6 classes a year for tuition reimbursement as well as on-line learning access!

• Generous PTO and vacation time to balance your work and life

• Additional 8 hours of PTO for volunteer work

• Retirement plan (401(a)) and traditional Roth (403b) with company contribution

• Commuter Benefits, Pet Insurance, 1 year subscription to Calm App

ETS is mission driven and action oriented

• Diversity, equity, inclusion, and belonging is at the forefront of the ETS employee's daily work. To further foster an inclusive environment ETS is home to a wide variety of Affinity groups that celebrate the diversity of our talented employees.

• How about cultivating growth, innovation, and continuous transformation for the next generation of rising professionals as leaders? ETS offers multiple Business Resource Groups (BRG) for you!

• Are you passionate about volunteering and being active in your career and community? ETS offers our Center for Advocacy & Philanthropy (CAAP) where we encourage ETS employees to become active volunteers in their communities and schools through the ETS Cares Giving Campaign. Our employees can support any 501c3 or eligible charity of their choice.

ETS is an Equal Opportunity Employer comprised of people with different experiences, strengths, and backgrounds who share a passion for advancing quality and equity in education. We are dedicated to building teams that reflect the various backgrounds, experiences, and identities of those we serve. The Talent Acquisition team strives to ensure candidates enjoy a fair and equitable hiring process. We believe our differences empower us to be a better team, making better decisions and delivering better results.