Head of Information Security
Remote - United States
Applications have closed
Age of Learning
Age of Learning blends education best practices, innovative technology, and insightful creativity to bring learning to life for children across the U.S. and around the world.We are committed to helping all children succeed. We provide our educational programs at no cost to teachers, Head Start programs, public libraries, and other community organizations, and have served millions of children through these initiatives. We recently established the Age of Learning Foundation to expand this work globally. As we expand our global reach and increase the educational impact of our programs, we’re looking for passionate, ambitious, and collaborative leaders to become a part of our growing team.
SummaryReporting to the SVP of Infrastructure, the Head of Information Security will be responsible for information security and compliance across the organization. We are looking for a leader to continue enhancing our overall security posture in efforts to protect against growing and evolving threats. The ideal candidate has extensive experience fostering a DevSecOps culture while implementing and executing security and compliance frameworks, policies and controls in a fast-paced environment.
Responsibilities:
- Build upon existing security and compliance practices, ensuring they continue to meet the business needs and culture of the organization
- Collaborate and partner with leadership to define and communicate goals and objectives with measurable KPIs to support the organization’s security and compliance requirements
- Initiate, maintain, and revise company security and compliance policies and procedures
- Audit and test all aspects of information security to ensure that all information owned, collected or controlled by or on behalf of the company is processed, stored, and accessed in accordance with applicable laws and other global regulatory requirements, such as data privacy
- Serve as an internal information security consultant to various stakeholders to assist / advise / educate on all aspects of information security and compliance
- Define and manage security incident response processes and procedures to deter, detect, delay, deny and defend against external and internal threats
- Participate in third party (e.g. vendor) assessment and selection procedures to ensure adherence with established security and compliance policies and standards
- Work with teams throughout the organization to improve security awareness and foster compliance.
- Stay current with evolving industry trends in security and compliance
Required Qualifications:
- 7+ years of experience in information security and compliance with growing success in leading the discipline / practice / program within a fast-paced environment
- 5+ years of application security, infrastructure security, identity access management, architecture review & design, and business risk analysis
- Hands-on knowledge of information security functions such as security design review, threat modeling, risk analysis, incident response, data privacy and protection, and software testing techniques
- 3+ years of compliance frameworks and regulatory requirements (e.g., NIST, PCI, ISO 27001, SOC 2)
- One or more relevant certifications (e.g., CISSP, CISM, CCSP, CISA, GSEC)
- Solid writing and communication skills with a focus on information security and compliance
- Ability to effectively communicate with stakeholders
- Effective organizational and time management skill
- Strong attention to detail and ability to adhere to policies and procedures
- Professional, team-oriented attitude with sound judgment and analytical skills
- Demonstrated ability to manage multiple tasks and projects
- Ability to work independently and efficiently
- Bachelor’s degree in Computer Science, Engineering or related discipline preferred
Tags: Application security CCSP CISA CISM CISSP Compliance Computer Science DevSecOps GSEC Incident response ISO 27001 KPIs NIST Privacy Risk analysis SOC SOC 2
Perks/benefits: 401(k) matching Career development Flex vacation Startup environment Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open EDR-related jobs