Head of Information Security

Company Overview:Age of Learning is a leading education technology innovator based in Glendale, California, with a talented team of more than 600 individuals comprised of nationally-renowned educators, curriculum experts, developers, artists, writers, designers, engineers, producers, product managers, analysts and marketing experts! Together we develop engaging, effective digital learning technology and content to help children build a strong academic foundation for lifelong success.  Our flagship product ABCmouse.com Early Learning Academy® is a comprehensive online curriculum and the #1 digital learning product for young children. To-date, more than 30 million children worldwide have completed over 8 billion Learning Activities on ABCmouse. We recently launched Adventure Academy, the first massively multiplayer online (MMO) game designed specifically to help elementary- and middle-school-aged children learn. It features thousands of engaging Learning Activities—including minigames, books, original animated and live action series, and more—in a fun and safe virtual world. Other Age of Learning programs include immersive English language learning products for children in China and Japan; ReadingIQ, a digital library and literacy platform; and a groundbreaking personalized, adaptive digital learning system that individualizes math instruction for every child through AI-driven technology.
We are committed to helping all children succeed. We provide our educational programs at no cost to teachers, Head Start programs, public libraries, and other community organizations, and have served millions of children through these initiatives. We recently established the Age of Learning Foundation to expand this work globally. As we expand our global reach and increase the educational impact of our programs, we’re looking for passionate, ambitious, and collaborative leaders to become a part of our growing team.
SummaryReporting to the SVP of Infrastructure, the Head of Information Security will be responsible for information security and compliance across the organization. We are looking for a leader to continue enhancing our overall security posture in efforts to protect against growing and evolving threats. The ideal candidate has extensive experience fostering a DevSecOps culture while implementing and executing security and compliance frameworks, policies and controls in a fast-paced environment.

Responsibilities: 

• Build upon existing security and compliance practices, ensuring they continue to meet the business needs and culture of the organization
• Collaborate and partner with leadership to define and communicate goals and objectives with measurable KPIs to support the organization’s security and compliance requirements
• Initiate, maintain, and revise company security and compliance policies and procedures
• Audit and test all aspects of information security to ensure that all information owned, collected or controlled by or on behalf of the company is processed, stored, and accessed in accordance with applicable laws and other global regulatory requirements, such as data privacy
• Serve as an internal information security consultant to various stakeholders to assist / advise / educate on all aspects of information security and compliance
• Define and manage security incident response processes and procedures to deter, detect, delay, deny and defend against external and internal threats
• Participate in third party (e.g. vendor) assessment and selection procedures to ensure adherence with established security and compliance policies and standards
• Work with teams throughout the organization to improve security awareness and foster compliance.
• Stay current with evolving industry trends in security and compliance

Required Qualifications:

• 7+ years of experience in information security and compliance with growing success in leading the discipline / practice / program within a fast-paced environment
• 5+ years of application security, infrastructure security, identity access management, architecture review & design, and business risk analysis
• Hands-on knowledge of information security functions such as security design review, threat modeling, risk analysis, incident response, data privacy and protection, and software testing techniques
• 3+ years of compliance frameworks and regulatory requirements (e.g., NIST, PCI, ISO 27001, SOC 2)
• One or more relevant certifications (e.g., CISSP, CISM, CCSP, CISA, GSEC)
• Solid writing and communication skills with a focus on information security and compliance
• Ability to effectively communicate with stakeholders
• Effective organizational and time management skill
• Strong attention to detail and ability to adhere to policies and procedures
• Professional, team-oriented attitude with sound judgment and analytical skills
• Demonstrated ability to manage multiple tasks and projects
• Ability to work independently and efficiently
• Bachelor’s degree in Computer Science, Engineering or related discipline preferred

Age of Learning currently provides: • 80% - 90% of health and welfare benefit premiums• A 401(k) program with employer match• 15 paid vacation days, 11 observed national paid holidays plus 9 sick days• Our flexible work culture means 2 or more days in the office (hybrid) or 100% fully remote options available for most positions• Team bonding events and a highly collaborative environment• Access to our internal DEI Task Force that focuses on ensuring our products represent all children on a global scale• Opportunities for professional growth through professional learning and development programs • Commitment to Equal Opportunity Employment in addition to an inclusive and supportive company culture