Director of Cybersecurity

Jobs for Humanity
Summary
Join Macmillan Learning as the Director of Cybersecurity, where you will lead the development and execution of a comprehensive cybersecurity strategy. You will be responsible for establishing and enforcing security policies, collaborating with executive leadership, and providing regular reports on cybersecurity posture. This role requires identifying and prioritizing cybersecurity risks, ensuring compliance with regulations, and managing the Security Operations Center. You will also conduct security assessments, coordinate incident response, and support customer inquiries on certification and compliance. The ideal candidate will have extensive experience in information security, strong leadership skills, and a deep understanding of cybersecurity frameworks and technologies. Macmillan Learning offers a competitive salary and benefits package.
Requirements
- Minimum of 10 years of progressive experience in information security, including at least 5 years in a cybersecurity leadership role
- Proven hands-on experience with core security technologies such as vulnerability scanners, intrusion detection and prevention systems (IDS/IPS), web application firewalls (WAF), and botnet and DDoS protection solutions
- Strong expertise in host and network security standards, configurations, and best practices across hybrid cloud and on-prem environments
- Deep knowledge of industry-standard cybersecurity frameworks and regulatory compliance models, including SOC 2, NIST, ISO/IEC 27001, and CIS Controls
- Demonstrated ability to manage and deliver complex security initiatives using DevSecOps and agile methodologies
- Proficiency in security monitoring, log aggregation, and observability tools such as Splunk, Sumo Logic, Datadog, and Grafana
- Exceptional communication skills with the ability to convey complex technical information clearly and effectively to technical and non-technical audiences, both in writing and verbally
- Track record of applying strong analytical and problem-solving skills in high-stakes, real-world scenarios
- A passion for cybersecurity, continuous improvement, and building secure, privacy-first digital experiences
Responsibilities
- Develop and execute a comprehensive cybersecurity strategy aligned with Macmillan Learning's mission and business objectives
- Establish and enforce security policies, standards, and procedures to ensure consistent protection across the organization
- Collaborate with executive leadership to integrate security considerations into business planning and decision-making processes
- Provide regular reports on cybersecurity posture, risks, and initiatives to the CIO and other key stakeholders
- Identify, assess, and prioritize cybersecurity risks across the enterprise
- Ensure compliance with applicable laws, regulations, and standards (e.g., GDPR, CCPA, NIST)
- Develop and maintain a risk management framework to address emerging and ongoing threats
- Liaise with auditors and regulatory bodies during security evaluations and assessments
- Support RFP and customer inquiries on certification and compliance, and disseminate information on our security practices and posture
- Support Crisis Management team and customer communications in the event of an incident
- Manage the Security Operations Center (SOC) to ensure effective real-time threat analysis and response
- Conduct regular security assessments and audits to identify vulnerabilities and implement mitigation strategies
- Coordinate incident response efforts, ensuring timely resolution and communication with relevant parties
Preferred Qualifications
- Master's degree in Cybersecurity, Computer Science, Information Assurance, or a related field
- Experience in the publishing, education, or edtech industries
- One or more advanced industry certifications such as CISSP, CISM, CISA, or GIAC Security Leadership (GSLC)
- AWS Certified Security - Specialty certification, or equivalent demonstrated expertise in securing AWS cloud environments
- Hands-on experience with AWS development, architecture, or DevOps workflows, particularly in implementing security controls and automation within CI/CD pipelines
- Background in educational technology, publishing, or SaaS product environments
- Experience designing security programs for data privacy compliance, including GDPR, CCPA, and FERPA
- Demonstrated leadership in cross-functional cybersecurity projects, policy development, and organizational change management
- Active participation in the cybersecurity community through research, presentations, or professional networks
Benefits
- Competitive pay and bonus plan
- Generous Health Benefits (Medical, Dental, Vision)
- Contributions to your 401k retirement account through Fidelity
- Generous paid time off, sick time, floating holidays, and paid holidays (Spring Reset Day, Juneteenth, Indigenous People's Day, Election Day, and more!)
- Employee Assistance Program, Education Assistance Program
- 100% employer-paid life and AD&D insurance