Cengage Group
Join Cengage Group and Make a Difference!
At Cengage Group, our commitment is to empower students globally to discover the joy of learning. Together, we drive innovation that positively impacts millions, helping them enhance their lives through education.
Embrace Our Inclusive Culture
We value inclusion, engagement, and discovery at Cengage Group. Our success is built on a diverse workplace where every employee's perspective is valued. We encourage all team members to share their ideas and bring their authentic selves to work, backed by comprehensive initiatives, programs, and benefits. Learn more about our commitment to inclusion and belonging in the workplace.
The Chief Information Security Officer (CISO) is a key technology executive responsible for safeguarding Cengage Group’s digital assets and ensuring data privacy. You will lead the development of the enterprise information security strategy, enhancing our security posture to enable innovation and mitigate risks effectively.
Key Responsibilities
Enterprise Security Strategy & Risk Leadership
Define and implement a robust information security strategy that aligns with business needs and risk tolerance. Develop comprehensive security programs focused on cyber defense, data protection, and threat intelligence. Conduct risk assessments to identify vulnerabilities and prioritize remediation efforts. Serve as the main cybersecurity advisor to the executive team and board of directors, translating risks into strategic recommendations. Drive security architecture decisions that optimize protection without compromising performance. Cyber Defense & Security Operations
Oversee security incident response and recovery to quickly mitigate breaches. Manage security tools and technologies deployed across the IT infrastructure. Lead the security operations center (SOC) and enhance threat detection and vulnerability management. Maintain incident response protocols and business continuity plans. Analyze security metrics to inform essential security posture decisions. Governance, Compliance & Data Protection
Ensure adherence to global standards and regulations relevant to privacy and data protection. Work collaboratively with legal and compliance teams to uphold relevant certifications and manage audits. Develop and enforce security policies and protocols that meet business objectives. Oversee data classification and privacy initiatives to safeguard sensitive information. Manage vendor and third-party risk assessments to adhere to security requirements. Business Partnership & Security Enablement
Act as a trusted partner to business leaders, ensuring that security needs align with innovation. Collaborate with product and engineering teams to embed security within development processes. Engage with IT leadership on modernization initiatives, ensuring security integration from the outset. Communicate the value of security investments to executives and the board. Foster a culture of security awareness across the organization. Leadership & Talent Development
Inspire and lead a global security team, fostering growth and high performance. Establish career pathways and training programs to enhance cybersecurity expertise. Promote a culture of collaboration and continuous improvement within the security organization. Actively support employee training programs to build a strong cybersecurity culture. Network with industry peers to stay informed of emerging risks and security strategies. Qualifications
15+ years of experience in information security and risk management, with significant leadership experience. Proven success in developing and implementing security programs in complex organizations. Comprehensive knowledge of cybersecurity frameworks and risk management practices. In-depth familiarity with security technologies and cloud infrastructure security. Strong understanding of data privacy regulations and compliance management. Exceptional leadership and communication skills, with the ability to influence senior leadership. Certifications like CISSP, CISM, CISA are strong assets. Familiarity with DevSecOps practices and emerging technologies is a plus. Cengage Group is dedicated to fostering a diverse workplace and welcomes candidates from all backgrounds. We ensure all applicants are treated equitably in our hiring process. Compensation We take pride in our comprehensive rewards package designed to support and empower our employees. The compensation range for this role is $250,200.00 - $308,000.00 USD, with variations based on experience, qualifications, and location. We are committed to a secure hiring process and will always conduct interviews through official channels. Please ensure any job communications come from a verified Cengage email address.
Enterprise Security Strategy & Risk Leadership
Define and implement a robust information security strategy that aligns with business needs and risk tolerance. Develop comprehensive security programs focused on cyber defense, data protection, and threat intelligence. Conduct risk assessments to identify vulnerabilities and prioritize remediation efforts. Serve as the main cybersecurity advisor to the executive team and board of directors, translating risks into strategic recommendations. Drive security architecture decisions that optimize protection without compromising performance. Cyber Defense & Security Operations
Oversee security incident response and recovery to quickly mitigate breaches. Manage security tools and technologies deployed across the IT infrastructure. Lead the security operations center (SOC) and enhance threat detection and vulnerability management. Maintain incident response protocols and business continuity plans. Analyze security metrics to inform essential security posture decisions. Governance, Compliance & Data Protection
Ensure adherence to global standards and regulations relevant to privacy and data protection. Work collaboratively with legal and compliance teams to uphold relevant certifications and manage audits. Develop and enforce security policies and protocols that meet business objectives. Oversee data classification and privacy initiatives to safeguard sensitive information. Manage vendor and third-party risk assessments to adhere to security requirements. Business Partnership & Security Enablement
Act as a trusted partner to business leaders, ensuring that security needs align with innovation. Collaborate with product and engineering teams to embed security within development processes. Engage with IT leadership on modernization initiatives, ensuring security integration from the outset. Communicate the value of security investments to executives and the board. Foster a culture of security awareness across the organization. Leadership & Talent Development
Inspire and lead a global security team, fostering growth and high performance. Establish career pathways and training programs to enhance cybersecurity expertise. Promote a culture of collaboration and continuous improvement within the security organization. Actively support employee training programs to build a strong cybersecurity culture. Network with industry peers to stay informed of emerging risks and security strategies. Qualifications
15+ years of experience in information security and risk management, with significant leadership experience. Proven success in developing and implementing security programs in complex organizations. Comprehensive knowledge of cybersecurity frameworks and risk management practices. In-depth familiarity with security technologies and cloud infrastructure security. Strong understanding of data privacy regulations and compliance management. Exceptional leadership and communication skills, with the ability to influence senior leadership. Certifications like CISSP, CISM, CISA are strong assets. Familiarity with DevSecOps practices and emerging technologies is a plus. Cengage Group is dedicated to fostering a diverse workplace and welcomes candidates from all backgrounds. We ensure all applicants are treated equitably in our hiring process. Compensation We take pride in our comprehensive rewards package designed to support and empower our employees. The compensation range for this role is $250,200.00 - $308,000.00 USD, with variations based on experience, qualifications, and location. We are committed to a secure hiring process and will always conduct interviews through official channels. Please ensure any job communications come from a verified Cengage email address.