Information Security Manager
Job Type: Full Time / Permanent
This position is responsible for identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements. The ISM will serve as a company and customer subject matter expert for cybersecurity. You will work cross-functionally to advise, plan, and execute the organization’s information security program to enhance information security in accordance with industry standards. This person will serve as the process owner of all ongoing activities related to the availability, integrity and confidentiality of student information, in compliance with the organization’s information security policies. A key element of the ISM’s role is working with executive management to determine acceptable levels of risk for the organization.
What This Role Will Do: • Serve as an internal information security advisor and subject matter expert to the organization on various security initiatives • Implement, enforce, and maintain security policies and procedures • Provide information security awareness training to organization personnel • Oversee information security audits, whether performed by the organization or third-party personnel • Assess current technology architecture for vulnerabilities, weaknesses and possible improvements • Respond to information security questionnaires in support of our educational agency partnerships • Collaborate in partnership with the legal compliance team, engineering teams, and external partners • Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate accordingly • Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and comply with policies and audit requirements.
What You’ll Bring To The Role: • Bachelor’s degree in information systems, or a related field • Five plus years of information security work experience • Deep familiarity with industry standards such as NIST and CIS frameworks. • Experience with SOC 2 audits preferred • Strong knowledge in auditing cloud-based infrastructure • Excellent project management skills and strong ability to prioritize • Excellent verbal and written communication skills. • CISSP certification is optimal but not required • Experience working in a software product company preferred • Client-facing experience is desirable • A commitment to our mission of providing an exceptional education to all children • A desire to join an entrepreneurial, fast-paced environment at a high-growth organization • The willingness to comply with our vaccination (subject to legally valid exemptions) and Personal Protective Equipment policies.
Location: This role is remote, but you may be asked to travel to our New York City office periodically for team building when it reopens.
Compensation & Benefits: We offer a competitive benefits package, including comprehensive medical, dental and vision plans, short- and long-term disability, life insurance, 401K matching, parental leave, and a generous PTO policy. We also offer a collegial and passionate culture and the potential to positively impact the lives of millions of children. We are an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. All employment is decided on the basis of qualifications, merit, and business need.