Director of Information Security
New York City, United States - Remote
Zearn
Zearn is the top-rated math learning platform that helps kids explore concepts, discover meaning, and make sense of math. Free for teachers, always. Get started.Who We Are:
Zearn is the nonprofit educational organization behind Zearn Math, the top-rated math learning platform used by 1 in 4 elementary students nationwide. Zearn Math supports teachers with research-backed curriculum and digital lessons proven to double the learning gains of a typical year of instruction. Zearn Math instructional materials - including 400+ hours of digital math learning - are free for teachers and families. Zearn also offers school-wide and district-wide licenses and professional development to support implementation. Everything Zearn does is driven by the belief that every kid can be a math kid.
Learn more about us at https://about.zearn.org/.
Zearn is seeking a Director of Information Security (DIS) to be responsible for maintaining an information security program to ensure that all data collected or processed is adequately protected to ensure Zearn continues to support millions of kids learning across the country. This position is responsible for identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements. The DIS will serve as a company and customer subject matter expert for cybersecurity. You will work cross-functionally to advise, plan, and execute the organization’s information security program to enhance information security in accordance with industry standards. The DIS serves as the process owner of all ongoing activities related to the availability, integrity and confidentiality of student information, in compliance with Zearn’s information security policies.
What This Role Will Do:
- Serve as an internal information security advisor and subject matter expert to the organization on various security initiatives
- Implement, enforce, and maintain security policies and procedures
- Provide and/or secure information security awareness training to organization personnel
- Oversee information security audits, whether performed by the organization or third-party personnel
- Assess current technology architecture for vulnerabilities, weaknesses and possible improvements
- Respond to information security questionnaires in support of our educational agency partnerships
- Collaborate in partnership with the legal compliance team, engineering teams, and external partners
- Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate accordingly
- Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and comply with policies and audit requirements
What You’ll Bring to the Role:
- Bachelor's degree in information systems, or a related field
- Seven plus years of information security work experience
- Deep familiarity with industry standards such as NIST and CIS frameworks.
- Experience with SOC 2 audits preferred
- Strong knowledge in auditing cloud-based infrastructure
- Excellent project management skills and strong ability to prioritize
- Excellent verbal and written communication skills.
- CISSP certification is optimal but not required
- Experience working in a software product company preferred
- Client-facing experience is desirable
Location:
This role is remote, but you may be asked to travel to our New York City office periodically for team building when it reopens.
Compensation & Benefits:
We offer a competitive benefits package, including comprehensive medical, dental and vision plans, short- and long-term disability, life insurance, 401K matching, parental leave, and a generous PTO policy. We also offer a collegial and passionate culture and the potential to positively impact the lives of millions of children.
To Apply: https://apply.workable.com/j/C45AFE6B8E
Zearn is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. All employment is decided on the basis of qualifications, merit, and business need.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits CISSP Cloud Compliance Monitoring NIST Nonprofit SOC SOC 2 Vulnerabilities Vulnerability management
Perks/benefits: 401(k) matching Career development Competitive pay Health care Insurance Medical leave Parental leave Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs