Overview Build the Future At McGraw Hill, we are dedicated to delivering digital learning experiences that transform education for learners and educators. Our focus is on creating seamless, impactful products that truly benefit our users while supporting growth and collaboration across teams. We foster a culture that values innovation, teamwork, and a balance between career growth and personal well-being. How can you make an impact? The Director, IT Internal Controls & Risk Compliance for the Digital Enterprise Solutions (DES) organization leads the company’s Sarbanes-Oxley (SOX) compliance implementation and establishes a scalable and sustainable IT control and governance framework appropriate for our dynamic environment. This role serves as the primary IT lead for SOX compliance, partnering with DES leadership, Finance, Internal Audit, and External Audit to design, document, test, remediate, and standardize controls across a complex landscape including McGraw Hilll’s digital products, Oracle ERP, data and analytics environment, and multiple in-scope financial and operational applications. The ideal candidate leverages deep IT audit experience, strong technical understanding of complex multi-system environments, and exceptional leadership skills to drive compliance and mature our IT governance program, evolving beyond initial SOX implementation into broader risk management leadership. This is a remote position open to applicants authorized to work for any employer within the United States. What You'll Do: - Audit Execution and Risk Assessment: Plan and develop audit scope for complex assessments including SOX and SOC2 audits; participate in end-to-end engagements from planning through risk assessment, execution, reporting, issue validation, and follow-up; apply a robust understanding of business and IT risks and how controls address these risks. Provide advisory support to Internal Audit on operational or non‑SOX IT audits as needed. - Internal Controls & Remediation: Provide guidance to control owners on designing and implementing effective controls, ensure timely remediation of deficiencies, recommend improvements; design and implement controls for new entities and evolving business processes; support SOX readiness initiatives and system implementations to embed business, IT, and automated controls appropriately. - SOX and Compliance Expertise: Apply strong knowledge of SOX requirements, internal control frameworks (COSO, COBIT, NIST), and risk assessment principles to identify control gaps, assess risks, and recommend practical, business-focused solutions; effectively communicate SOX control concepts, audit findings, and remediation expectations to process owners and management, including senior leadership - IT Controls Implementation & Sustainment: Lead evaluation and implementation of IT General Controls—including user access provisioning/deprovisioning and periodic reviews, segregation of duties considerations, change management and release controls, and operations controls (interfaces, batch processing, backups, monitoring); assess and document controls across complex application landscapes such as digital products, Oracle ERP, legacy/custom, and SaaS; maintain comprehensive risk & control matrices, narratives, and system architecture documentation; partner with Finance and other stakeholders to identify IT-dependent controls and support audit walkthroughs and testing. - Program Development & Sustainability: Participate in the building of an enterprise IT risk and compliance program beyond initial SOX implementation; maintain an inventory of in-scope applications, infrastructure, and related risks; align IT risk management with enterprise and DES risk initiatives; support development of IT policies and standards, and the creation of metrics for executive, Committee, and Audit reporting; integrate recognized governance frameworks and establish sustainable compliance monitoring processes. - Collaboration & Coordination: Coordinate audit activities with external auditors to maximize efficiency, leverage work performed, and minimize disruption to the business; build strong relationships across DES, IT, Finance, Internal Audit, and business partners; collaborate effectively to partner across functions and stakeholders. Who You Are: - 7+ years of progressive experience in IT audit, IT risk management, or SOX compliance within a complex corporate environment. - Proven track record in planning and executing internal, SOX (Business & IT), operational, and IT audits - Experience supporting SOX implementations or major control transformations preferred - Experience working with PCAOB‑regulated auditors - Familiarity with audit management tools - Big 4 or equivalent public‑company experience preferred - Advanced understanding of internal control frameworks and risk assessment methodology - Exceptional leadership, communication, problem-solving, critical thinking, and stakeholder management capabilities - Ability to coach and guide control owners; demonstrated ability to build consensus and work across a matrixed organization. Why work for us? The work you do at McGraw Hill will be work that matters. We are collectively building experiences that will help shape the future of education. Play your part and experience a sense of fulfilment that will inspire you to even greater heights. The pay range for this position is between $124,000 - $165,000 annually. However, base pay offered may vary depending on job-related knowledge, skills, experience, and location. An annual bonus plan may be provided as part of the compensation package, in addition to a full range of medical and/or other benefits, depending on the position offered. Click here to learn more about our benefit offerings. McGraw Hill recruiters always use a “@mheducation.com” email address and/or from our Applicant Tracking System, iCIMS. Any variation of this email domain should be considered suspicious. Additionally, McGraw Hill recruiters and authorized representatives will never request sensitive information in email. 50606

Role Description This position is primarily focused on information security governance and compliance activities and plays a key role in supporting the organization’s Information Security compliance program within a highly regulated healthcare environment. The role is responsible for executing and improving governance and compliance processes related to regulatory alignment, audit readiness, policy management, client assurance activities, and control documentation, with primary emphasis on HIPAA, HITRUST, SOC 2, and FedRAMP, in addition to other regulatory or contractual requirements. Working under the direction of the AVP, Information Security, this role helps inform process and program improvements while primarily supporting execution of governance and compliance activities across the organization. Qualifications - 5-8+ years of experience in Information Security Compliance, IT Compliance, Healthcare Compliance, Governance, or audit-related roles - Experience in the healthcare industry is preferred. - Experience supporting HITRUST, SOC 2, HIPAA, FedRAMP, and related audit or compliance activities. - Understanding of IT technical controls and the ability to translate regulatory audit, and contractual requirements into documentation, evidence, and control expectations. - Strong understanding of governance processes, compliance operations, and audit readiness practices. - Experience working with governance/compliance or GRC tools preferred. - Knowledge of security and compliance frameworks such as HITRUST, HIPAA, SOC 2, NIST, or ISO 27001. - Certifications such as CISA, CISM, CISSP, or HITRUST-related credentials are preferred. - Excellent communication skills (written, verbal and listening); able to clearly communicate complex information in an easy to understand manner; able to deliver message effectively verbally and in writing. - Ability to present to small and midsize audiences. - Ability and willingness to learn and maximize the use of technology relevant to job responsibilities. - Ability to maintain confidentiality of sensitive information. - Ability to work independently as well within a team. - Ability to organize, prioritize, and coordinate multiple work activities and meet target deadlines. - Ability to be flexible when there are schedule or priority changes and last-minute requests. - Ability to travel as needed to Company locations and third-party locations within the US. - Required licensures, professional certifications, and/or Board certifications as applicable. - Individual in this position must be able to work in a standard office environment which requires sitting and viewing monitor(s) for extended periods of time, operating standard office equipment such as, but not limited to, a keyboard, copier and telephone. Requirements - Maintain compliance documentation, control inventories, evidence repositories, and regulatory/control mappings to effectively demonstrate adherence to healthcare, information security, and contractual requirements. - Support compliance assessments, readiness reviews, and control validation activities to confirm alignment with regulatory, audit, and contractual requirements. - Provide guidance to control owners regarding compliance obligations, documentation expectations, evidence collection, remediation activities, and audit readiness. - Develop and maintain compliance metrics, dashboards, and reporting to support visibility into governance and compliance activities. - Support the development, documentation, and improvement of governance and compliance processes to enhance consistency, audit readiness, regulatory alignment, and operational efficiency. - Provide input into ongoing maturation of governance and compliance processes and help execute approved improvement initiatives. - Support administration, reporting, workflow updates, and ongoing enhancement governance and compliance tooling used to manage requirements, evidence, and related activities. - Assist with requirements gathering, testing, reporting improvements, and workflow updates governance and compliance tooling, as needed. - Stay current on relevant regulatory requirements, audit expectations, and information security compliance and assurance practices; recommend updates to documentation, controls, policies, standards, and procedures as needed. - Support audit and assurance activities related to HIPAA, HITRUST, SOC2, client requirements, security questionnaires, and other applicable reviews or certifications by coordinating evidence collection, reviewing documentation, validating control statements, supporting control owners, and tracking remediation activities. - Assist with responses to client security questionnaires, due diligence requests, and customer audit inquiries in partnership with stakeholders across Security, Technology, Legal, and other teams. - Lead and support the development, review, maintenance, and updating of information security policies, procedures, standards, and related documentation to align with regulatory requirements, audit expectations, healthcare industry standards, and contractual obligations. - Assist with the development and implementation of the organization’s security awareness training to ensure alignment with compliance requirements. - Identify opportunities to improve governance, compliance, audit readiness, and related documentation/process effectiveness across the organization. - Support other governance, compliance, and related assurance activities as assigned. - Collaborate, coordinate, and communicate across disciplines and departments with colleagues in Information Security, Technology, Legal, Internal Audit, and others. - Demonstrate Company’s Core Competencies and values held within. Benefits - Medical, dental and vision coverage with low deductible & copay - Life insurance - Short and long-term disability - Paid Parental Leave - 401(k) + match - Employee Stock Purchase Plan - Generous Paid Time Off – accrued based on years of service - 10 paid company holidays - Tuition reimbursement - Flexible Spending Account - Employee Assistance Program - Sick time benefits – for eligible employees, one hour of sick time for every 30 hours worked, up to a maximum accrual of 40 hours per calendar year, unless the laws of the state in which the employee is located provide for more generous sick time benefits Company Description Claritev is an Equal Opportunity Employer and complies with all applicable laws and regulations. Qualified applicants will receive consideration for employment without regard to age, race, color, religion, gender, sexual orientation, gender identity, national origin, disability or protected veteran status.

• Deliver specific course content in an online environment • Provide instruction, support, and guidance to students • Manage the learning process and focus on individual student needs • Monitor student progress through the learning management system • Communicate with parents and related service staff • Develop compliant IEPs, progress reports, and special education documentation • Lead collaborative special education meetings • Analyze student data to prescribe remediation and enrichment

Compliance Officer Are you a highly organized, detail-driven Compliance Officer looking to make a real impact at Codekeeper? Do you excel in fast-paced environments where you can balance regulatory requirements with hands-on project execution? If you take ownership, bring clarity to complexity, and see initiatives through to completion, this role could be a great fit. We’re seeking a proactive professional who combines strong compliance expertise with practical project management skills. You’re comfortable collaborating with stakeholders, navigating evolving priorities, and upholding the highest ethical and legal standards - while consistently delivering high-quality work. Applications will remain open for the next two months, though we may close the role earlier once we find the right candidate. About the Role As a Compliance Officer at Codekeeper, you will oversee projects that ensure adherence to applicable laws, regulations, and internal policies while driving successful project outcomes. This role combines the strategic oversight of compliance programs with the dynamic execution of project management. You will lead initiatives involving compliance program development, risk assessments, policy implementation, and training, all while managing project timelines, resources, and deliverables in our fast-paced, remote-first environment. What You’ll Be Doing - Develop and Lead Compliance Projects: Spearhead the creation and implementation of compliance programs, ensuring alignment with regulatory standards and organizational goals. Transform compliance requirements into actionable project plans, leveraging your strategic vision and meticulous planning. - Monitor and Drive Success: Oversee project progress and compliance metrics, such as audit completion rates, training participation, and incident frequency. Set ambitious yet achievable deadlines, ensuring projects meet both compliance and operational objectives while maintaining high standards. - Collaborate and Communicate: Act as the key liaison between compliance teams, project stakeholders, and department heads. Foster clear communication to ensure alignment on compliance requirements, project goals, and progress updates, driving collaboration and collective success. - Mitigate Risks and Resolve Issues: Conduct risk assessments to identify compliance gaps and project risks. Proactively address challenges with a problem-solving mindset, implementing corrective actions to keep projects on track and ensure adherence to regulations. - Deliver Excellence and Compliance: Complete projects that not only meet compliance standards but also set new benchmarks for quality and efficiency. Ensure certifications like ISO27001 are achieved and maintained, delivering results that reflect Codekeeper’s commitment to integrity and excellence. Why Codekeeper? Codekeeper was founded by tech industry professionals to revolutionize software escrow for the cloud era. We offer state-of-the-art disaster recovery solutions that mitigate third-party risks in business operations. As a remote-first company with a central office in The Hague, we prioritize a healthy, resilient organization to support the development of our robust app. 🌐 codekeeper.coWhat You Can Expect - Passionate and supportive colleagues - A startup mindset with opportunities for growth - Regular team activities and gatherings - A comprehensive onboarding process with a dedicated ramp-up period - A collaborative team that values open communication and direct feedback - A chance to excel in your career while ensuring compliance and project success About You - Technical Skills: Proficiency in contemporary web tools such as Google Docs, Zapier, Linear, or similar technologies. - Experience: Prior experience in compliance management, project management, or a related role with an emphasis on problem-solving and risk mitigation. - Compliance Expertise: Familiarity with developing compliance programs, conducting risk assessments, or managing certifications like ISO27001 is a plus. - Communication: Proficiency in English (written and verbal). - Personal Attributes: Exceptional organizational skills, analytical thinking, and a meticulous approach to tasks. - Adaptability: Ability to prioritize tasks, manage multiple projects, and adapt to a fast-paced, remote-first work environment. - Professionalism: A polished and professional demeanor with a strong drive to achieve results and align with Codekeeper’s values. How to Apply Please send an application that speaks directly to how you would like to fill this Compliance Officer position. There are no right answers or expectations. Show us your role in our company’s future and our role in yours. Address some of the work we do, including compliance and project management. Introduce yourself as a colleague. Feel free to respond in either Dutch or English. #Remote