Jobs for Humanity
Director of Cybersecurity
The Director of Cybersecurity serves as the strategic and operational leader responsible for defining and executing a comprehensive cybersecurity vision for Macmillan Learning. This role ensures the protection of enterprise systems, data, and digital infrastructure by overseeing the development and enforcement of security policies, practices, and technologies. Acting as the organization's foremost authority on cybersecurity, the Director works across departments to integrate security into business operations, reduce risk, and align security initiatives with corporate and regulatory priorities. The role also drives a culture of proactive security awareness, resilience, and continuous improvement throughout the organization.

Responsibilities include, but are not limited to:
Develop and execute a comprehensive cybersecurity strategy aligned with Macmillan Learning's mission and business objectives.
Establish and enforce security policies, standards, and procedures to ensure consistent protection across the organization.
Collaborate with executive leadership to integrate security considerations into business planning and decision-making processes.
Provide regular reports on cybersecurity posture, risks, and initiatives to the CIO and other key stakeholders.
Identify, assess, and prioritize cybersecurity risks across the enterprise.
Ensure compliance with applicable laws, regulations, and standards (e.g., GDPR, CCPA, NIST).
Develop and maintain a risk management framework to address emerging and ongoing threats.
Liaise with auditors and regulatory bodies during security evaluations and assessments.
Support RFP and customer inquiries on Certification and Compliance, dissemination of information on our security practices and posture.
Support Crisis Management team and customer communications in the event of an incident.
Manage the Security Operations Center (SOC) to ensure effective real-time threat analysis and response.
Conduct regular security assessments and audits to identify vulnerabilities and implement mitigation strategies.
Coordinate incident response efforts, ensuring timely resolution and communication with relevant parties.

Required Qualifications:
Minimum of 10 years of progressive experience in information security, including at least 5 years in a cybersecurity leadership role.
Proven hands-on experience with core security technologies such as vulnerability scanners, intrusion detection and prevention systems (IDS/IPS), web application firewalls (WAF), and botnet and DDoS protection solutions.
Strong expertise in host and network security standards, configurations, and best practices across hybrid cloud and on-prem environments.
Deep knowledge of industry-standard cybersecurity frameworks and regulatory compliance models, including SOC 2, NIST, ISO/IEC 27001, and CIS Controls.
Demonstrated ability to manage and deliver complex security initiatives using DevSecOps and agile methodologies.
Proficiency in security monitoring, log aggregation, and observability tools such as Splunk, Sumo Logic, Datadog, and Grafana.
Exceptional communication skills with the ability to convey complex technical information clearly and effectively to technical and non-technical audiences, both in writing and verbally.
Track record of applying strong analytical and problem-solving skills in high-stakes, real-world scenarios.
A passion for cybersecurity, continuous improvement, and building secure, privacy-first digital experiences.

Preferred Qualifications:
Master's degree in Cybersecurity, Computer Science, Information Assurance, or a related field.
Experience in the publishing, education, or edtech industries.
One or more advanced industry certifications such as CISSP, CISM, CISA, or GIAC Security Leadership (GSLC).
AWS Certified Security - Specialty certification, or equivalent demonstrated expertise in securing AWS cloud environments.
Hands-on experience with AWS development, architecture, or DevOps workflows, particularly in implementing security controls and automation within CI/CD pipelines.
Background in educational technology, publishing, or SaaS product environments.
Experience designing security programs for data privacy compliance, including GDPR, CCPA, and FERPA.
Demonstrated leadership in cross-functional cybersecurity projects, policy development, and organizational change management.
Active participation in the cybersecurity community through research, presentations, or professional networks.

Salary Range: $140,000 - $180,000/year
Exemption Status: Exempt
Physical Requirements: Requires long periods of close concentration and multi-tasking in noisy/busy environment; must be able to travel and work overtime occasionally.

The position is eligible for remote employment, excluding the following locations: Alaska, Arkansas, Hawaii, Mississippi, Nevada, South Dakota, West Virginia, Wyoming.