Varsity Tutors, a Nerdy Company is hiring a
Director

Summary

Nerdy is seeking a seasoned Director of Information Security with over 10 years of experience to join their team. This role involves safeguarding the organization's information assets, developing robust security strategies, and ensuring compliance with regulatory requirements.

Requirements

• 10+ years of security experience developing and leading company wide security, risk management, and other related programs
• Bachelor's degree in computer science, engineering or equivalent required
• Demonstrated success as a security leader in a consumer facing business of substantial scale and complexity
• In-depth understanding of all related compliance issues in a consumer business to include Privacy, GDPR, CCPA, SOX, NIST, etc
• Demonstrated understanding of the use of data and analytics in breach detection, monitoring and forensics of the security environment
• Deep expertise in audit and assessment methodologies, procedures, and policies that relate to information networks, systems and applications
• Strong verbal and written communication skills, especially in the areas of presentation and interaction with people at all levels across the organization
• Ability to inspire investment from the broader population of employees to ensure active participation and championing of key security initiatives
• Background in software engineering at product development companies, preferably SaaS or PaaS and experience in start-ups as well as larger enterprises
• Experience with modern cloud infrastructure such as AWS and GCP
• Experience with automation to scale yourself and the team to identify, audit, and remediate
• Decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one

Responsibilities

• Define functional strategies and specific objectives around policies and procedures to support overall company security
• Maintain and present documentation as it relates to cloud security operations, processes, standards, architectures, and provide guidance for security remediation to business and engineering partners
• Define the types of security education and training needed, partnering with HR to ensure compliance
• Champion Nerdy’s security strategy collaborating with the organization's key partners to establish the vision ensuring the mitigation of risk and the protection of internal data, customer data, and intellectual property
• Drive oversight of all activities related to security compliance, focusing specifically on Information Security and Risk Management across departments
• Mentor and inspire the security team to continually develop skills, capabilities and partnerships across the organization
• Represent the security posture to Nerdy’s leadership team
• Stay abreast of current and emerging security threats and design security architecture to mitigate them
• Ensure alignment between security architecture frameworks and standards and overall business strategy

Preferred Qualifications

• CISA- Certified Information Systems Auditor (auditing, monitoring, and assessing IT and business systems)
• CISM - Certified Information Security Manager (affirms ability to assess risks, implement effective governance, and proactively respond to incidents)
• CRISC - Certified in Risk and Information Systems Control - IT risk management

Benefits

• Total Compensation Package including Competitive Salary and Equity (Restricted Stock Units) in the company
• Healthcare Plans (Medical, Dental, Vision, Life)
• 401k Company Matching Plan
• Maternity, Paternal, and Adoption Leave
• Remote Position
• Flexible PTO
• Free Learning Membership for you and your household (1-1 tutoring hours, unlimited use of on-demand services, and access to our online classes)
• Unique opportunity to help transform how the world learns!