Virginia Staffing
Chief Information Security Officer (Remote)
Virginia Staffing, Virginia Beach, Virginia, us, 23450
Chief Information Security Officer (CISO)
We believe in the power and joy of learning. At Cengage Group, our employees have a direct impact in helping students around the world discover the power and joy of learning. We are bonded by our shared purpose driving innovation that helps millions of learners improve their lives and achieve their dreams through education. Our culture values inclusion, engagement, and discovery. Our business is driven by our strong culture, and we know that creating an inclusive workplace is absolutely essential to the success of our company and our learners, as well as our individual well-being. We recognize the value of diverse perspectives in everything we do, and strive to ensure employees of all levels and backgrounds feel empowered to voice their ideas and bring their authentic selves to work. We achieve these priorities through programs, benefits, and initiatives that are integrated into the fabric of how we work every day. The Chief Information Security Officer (CISO) is a senior technology executive accountable for protecting Cengage Group's digital assets, data confidentiality, and technology infrastructure from cyber threats while ensuring compliance with regulatory requirements. This leader defines and delivers the enterprise information security strategy, building a robust and resilient security posture that enables business innovation while mitigating risk. The CISO combines deep technical expertise with executive leadership, shaping the company's security vision while driving excellence in security operations, risk management, and governance. This role balances strategic vision, business partnership, and organizational influence to ensure security becomes an enabler of digital transformation rather than a barrier to progress. As a critical member of the IT leadership team, reporting to the CIO, this role serves as the primary authority on cybersecurity matters and partners closely with business leaders, legal, compliance, and the board to align security investments with enterprise priorities and risk appetite. Key Responsibilities
Enterprise Security Strategy & Risk Leadership
Define and deliver the enterprise information security strategy, aligned with business priorities, digital transformation initiatives, and the company's risk tolerance. Lead the development and implementation of comprehensive security programs encompassing cyber defense, data protection, identity and access management, security operations, and threat intelligence. Conduct enterprise-wide risk assessments, identify vulnerabilities across the technology estate, and prioritize remediation efforts. Serve as the primary cybersecurity advisor to the CIO, executive leadership team, and board of directors. Drive security architecture decisions that balance protection with performance, cost efficiency, and user experience. Cyber Defense & Security Operations
Oversee security incident detection, response, and recovery programs. Manage the security architecture, tools, and technologies deployed across the organization's IT infrastructure. Lead security operations center (SOC), threat hunting capabilities, and vulnerability management programs. Develop and maintain incident response playbooks, disaster recovery plans, and business continuity protocols. Monitor security metrics, threat landscape trends, and attack patterns. Governance, Compliance & Data Protection
Ensure compliance with industry standards, regulatory requirements, and data protection laws. Coordinate with legal, compliance, privacy, and regulatory teams to maintain certifications, manage audits, and respond to regulatory inquiries. Develop and enforce security policies, procedures, standards, and protocols. Be responsible for data classification, data loss prevention (DLP), and privacy programs. Manage security audits, compliance assessments, and third-party risk evaluations. Business Partnership & Security Enablement
Serve as a trusted partner to business executives. Collaborate with product, engineering, and DevOps teams to integrate security measures into software development lifecycles. Partner with IT leadership on technology modernization initiatives. Communicate security value and risk posture at the executive and board levels. Champion security awareness and cultural transformation across the enterprise. Leadership & Talent Development
Lead and inspire a global security team. Establish career pathways, competencies, and training programs. Champion a culture of accountability, collaboration, continuous learning, and innovation. Act as an executive sponsor for security awareness training programs. Build strategic relationships with peer CISOs, industry groups, and threat intelligence communities. Qualifications
15+ years of progressive leadership in information security, cybersecurity, or risk management. Proven track record developing and implementing enterprise security programs. Extensive knowledge of information security principles, cybersecurity frameworks, and risk management practices. Deep expertise in security technologies. Solid understanding of data privacy regulations and compliance requirements. Experience securing cloud infrastructure and implementing cloud-native security architectures. Demonstrated ability to lead incident response programs. Exceptional leadership skills with a history of developing high-performing, distributed security teams. Strong business sense and communication skills. Experience working in PE-backed technology companies preferred. Relevant certifications strongly preferred. Familiarity with DevSecOps practices, secure software development, ethical hacking, and penetration testing techniques valued. Understanding of artificial intelligence and machine learning applications in security. Cengage Group is committed to working with broad talent pools to attract and hire strong and most qualified individuals. Our job applicants are considered regardless of race, national origin, religion, sex, sexual orientation, genetic information, disability, age, veteran status, and any other classification protected by applicable federal, state, provincial or local laws. Cengage is also committed to providing reasonable accommodations for qualified individuals with disabilities including during our job application process. If you are an applicant with a disability and require reasonable accommodation in our job application process, please contact us at accommodations.ta@cengage.com or at +1 (617) 289-7917. Cengage Group, a global education technology company serving millions of learners, provides affordable, quality digital products and services that equip students with the skills and competencies needed to be job ready. For more than 100 years, we have enabled the power and joy of learning with trusted, engaging content, and now, integrated digital platforms. We serve the higher education, workforce skills, secondary education, English language teaching and research markets worldwide. Through our scalable technology, including MindTap and Cengage Unlimited, we support all learners who seek to improve their lives and achieve their dreams through education. Compensation: At Cengage Group, we take great pride in our commitment to providing a comprehensive and rewarding Total Rewards package designed to support and empower our employees. The full base pay range for this position is $250,200.00 - $308,000.00 USD. Individual base pay will vary based on work schedule, qualifications, experience, internal equity, and geographic location. Sales roles often incorporate a significant incentive compensation program beyond this base pay range. Warning: Be aware, there has been an increase of targeted recruitment scams perpetrated by bad actors falsely providing job offers on behalf Cengage Group to candidates as a means of obtaining personal information. Note that Cengage will always interview candidates via live in-person meetings, phone calls, and video calls before an offer would be extended. Also, be sure to check that communication is coming from an @cengage.com email address.
We believe in the power and joy of learning. At Cengage Group, our employees have a direct impact in helping students around the world discover the power and joy of learning. We are bonded by our shared purpose driving innovation that helps millions of learners improve their lives and achieve their dreams through education. Our culture values inclusion, engagement, and discovery. Our business is driven by our strong culture, and we know that creating an inclusive workplace is absolutely essential to the success of our company and our learners, as well as our individual well-being. We recognize the value of diverse perspectives in everything we do, and strive to ensure employees of all levels and backgrounds feel empowered to voice their ideas and bring their authentic selves to work. We achieve these priorities through programs, benefits, and initiatives that are integrated into the fabric of how we work every day. The Chief Information Security Officer (CISO) is a senior technology executive accountable for protecting Cengage Group's digital assets, data confidentiality, and technology infrastructure from cyber threats while ensuring compliance with regulatory requirements. This leader defines and delivers the enterprise information security strategy, building a robust and resilient security posture that enables business innovation while mitigating risk. The CISO combines deep technical expertise with executive leadership, shaping the company's security vision while driving excellence in security operations, risk management, and governance. This role balances strategic vision, business partnership, and organizational influence to ensure security becomes an enabler of digital transformation rather than a barrier to progress. As a critical member of the IT leadership team, reporting to the CIO, this role serves as the primary authority on cybersecurity matters and partners closely with business leaders, legal, compliance, and the board to align security investments with enterprise priorities and risk appetite. Key Responsibilities
Enterprise Security Strategy & Risk Leadership
Define and deliver the enterprise information security strategy, aligned with business priorities, digital transformation initiatives, and the company's risk tolerance. Lead the development and implementation of comprehensive security programs encompassing cyber defense, data protection, identity and access management, security operations, and threat intelligence. Conduct enterprise-wide risk assessments, identify vulnerabilities across the technology estate, and prioritize remediation efforts. Serve as the primary cybersecurity advisor to the CIO, executive leadership team, and board of directors. Drive security architecture decisions that balance protection with performance, cost efficiency, and user experience. Cyber Defense & Security Operations
Oversee security incident detection, response, and recovery programs. Manage the security architecture, tools, and technologies deployed across the organization's IT infrastructure. Lead security operations center (SOC), threat hunting capabilities, and vulnerability management programs. Develop and maintain incident response playbooks, disaster recovery plans, and business continuity protocols. Monitor security metrics, threat landscape trends, and attack patterns. Governance, Compliance & Data Protection
Ensure compliance with industry standards, regulatory requirements, and data protection laws. Coordinate with legal, compliance, privacy, and regulatory teams to maintain certifications, manage audits, and respond to regulatory inquiries. Develop and enforce security policies, procedures, standards, and protocols. Be responsible for data classification, data loss prevention (DLP), and privacy programs. Manage security audits, compliance assessments, and third-party risk evaluations. Business Partnership & Security Enablement
Serve as a trusted partner to business executives. Collaborate with product, engineering, and DevOps teams to integrate security measures into software development lifecycles. Partner with IT leadership on technology modernization initiatives. Communicate security value and risk posture at the executive and board levels. Champion security awareness and cultural transformation across the enterprise. Leadership & Talent Development
Lead and inspire a global security team. Establish career pathways, competencies, and training programs. Champion a culture of accountability, collaboration, continuous learning, and innovation. Act as an executive sponsor for security awareness training programs. Build strategic relationships with peer CISOs, industry groups, and threat intelligence communities. Qualifications
15+ years of progressive leadership in information security, cybersecurity, or risk management. Proven track record developing and implementing enterprise security programs. Extensive knowledge of information security principles, cybersecurity frameworks, and risk management practices. Deep expertise in security technologies. Solid understanding of data privacy regulations and compliance requirements. Experience securing cloud infrastructure and implementing cloud-native security architectures. Demonstrated ability to lead incident response programs. Exceptional leadership skills with a history of developing high-performing, distributed security teams. Strong business sense and communication skills. Experience working in PE-backed technology companies preferred. Relevant certifications strongly preferred. Familiarity with DevSecOps practices, secure software development, ethical hacking, and penetration testing techniques valued. Understanding of artificial intelligence and machine learning applications in security. Cengage Group is committed to working with broad talent pools to attract and hire strong and most qualified individuals. Our job applicants are considered regardless of race, national origin, religion, sex, sexual orientation, genetic information, disability, age, veteran status, and any other classification protected by applicable federal, state, provincial or local laws. Cengage is also committed to providing reasonable accommodations for qualified individuals with disabilities including during our job application process. If you are an applicant with a disability and require reasonable accommodation in our job application process, please contact us at accommodations.ta@cengage.com or at +1 (617) 289-7917. Cengage Group, a global education technology company serving millions of learners, provides affordable, quality digital products and services that equip students with the skills and competencies needed to be job ready. For more than 100 years, we have enabled the power and joy of learning with trusted, engaging content, and now, integrated digital platforms. We serve the higher education, workforce skills, secondary education, English language teaching and research markets worldwide. Through our scalable technology, including MindTap and Cengage Unlimited, we support all learners who seek to improve their lives and achieve their dreams through education. Compensation: At Cengage Group, we take great pride in our commitment to providing a comprehensive and rewarding Total Rewards package designed to support and empower our employees. The full base pay range for this position is $250,200.00 - $308,000.00 USD. Individual base pay will vary based on work schedule, qualifications, experience, internal equity, and geographic location. Sales roles often incorporate a significant incentive compensation program beyond this base pay range. Warning: Be aware, there has been an increase of targeted recruitment scams perpetrated by bad actors falsely providing job offers on behalf Cengage Group to candidates as a means of obtaining personal information. Note that Cengage will always interview candidates via live in-person meetings, phone calls, and video calls before an offer would be extended. Also, be sure to check that communication is coming from an @cengage.com email address.