Logo for Lexia Learning

Technical Security Manager

Role overview

Qualifications

  • Bachelor’s Degree in Information Security, Cybersecurity, computer science, engineering, Information Systems or related technical field
  • Minimum 5 years hands-on experience in the information security field
  • Extensive and deep knowledge of security and privacy frameworks, standards, and industry best practices
  • Knowledge of Privacy laws and principles such as GDPR, COPPA, and FERPA

Responsibilities

  • Maintain, mature, and take ownership of our program that ensures conformance to security standards
  • Facilitate annual independent audits of our organization by third-party security and privacy experts
  • Responsible for planning and managing multiple security improvement projects from requirements phase through deployment/implementation
  • Conducts enterprise risk assessment reviews and report out to senior management regarding security issues and metrics

About the company

Lexia Learning logo

Lexia Learning

E-Learning / EdTech

Lexia believes that strong literacy foundations have impact far beyond the classroom—that they are essential to our ability to communicate, express ourselves, and engage with the world around us. We believe everyone has a right to literacy, and that as educators, we have an obligation to deliver. We believe every student deserves to be taught literacy in a way that works for them, no matter who they are, where they live, what level they are at, and what learning challenges they face. We believe every teacher deserves the support they need to teach literacy confidently and effectively. We know that literacy is fully within reach for the vast majority of learners (both students and teachers) when instruction is based on the science of reading—with sound methodology; with engaging experiences supported by innovative, committed experts; and with a focus on the value of each individual learner. We’re Lexia. We’re all for literacy because literacy can and should be for all.

Company details

IndustryE-Learning / EdTech
Company size501 - 1000

Your match analysis

See how your profile stacks up against this role.

We compared the job requirements to your profile to show where you're strong and where you fall short.

Job description

Cambium Learning® Group is an award-winning educational technology solutions leader dedicated to helping all students reach their potential through individualized and differentiated instruction. Using a research-based, personalized approach, Cambium Learning Group delivers SaaS resources and instructional products that engage students and support teachers in fun, positive, safe and scalable environments. These solutions are provided through Learning A-Z® (online differentiated instruction for elementary school reading, writing and science), ExploreLearning® (online interactive math and science simulations, a math fact fluency solution, and a K–2 science solution), Voyager Sopris Learning® (blended solutions that accelerate struggling learners to achieve in literacy and math and professional development for teachers), and VKidz Learning (online comprehensive homeschool education and programs for literacy and science). We believe that every student has unlimited potential, that teachers matter, and that data, instruction, and practice are the keys to success in the classroom and beyond.

Job Overview:
The Security Manager will primarily support CAI’s Information Security program by ensuring and maintaining compliance with our current and anticipated commitments to external stakeholders and security frameworks. As our Security Manager, you will have the opportunity to leverage and build upon a mature program that is independently audited against various security standards, benchmarks, and industry best practices. The position is ideal for a well-rounded security professional that can effectively coordinate with established teams responsible for security monitoring, cloud infrastructure, enterprise support, software development, educational testing business processes, and project/customer management.

Job Responsibilities:

  • Maintain, mature, and take ownership of our program that ensures conformance to security standards. This includes but is not limited to conformance with ISO 27001, ISO 27018, ISO 42001, Privacy laws, ISO 9001, GovRAMP, FedRAMP, NIST 800, SOC, and CIS Top Controls.
  • Facilitate annual independent audits of our organization by third-party security and privacy experts. Create audit plan, co-ordinate with stakeholders, review reports and remediate audit findings.
  • Responsible for planning and managing multiple security improvement projects from requirements phase through deployment/implementation.
  • Managing document and record control processes and procedures, including maintaining accurate inventories and records of compliance/conformance artifacts
  • Responsible for our Security Awareness and related training programs. Maintains and improves processes, platforms and systems that support our training campaigns and content. Creates, monitors and reports on campaigns.
  • Supports business development by responding to requests for security and privacy information that is included in proposals for new business.
  • Performs security risk assessments of software acquisitions, technical services, business systems and new technologies.
  • Owns and administers a GRC tool to track security controls and current conformance status. Ensures that relevant security artifacts are recorded and updated.
  • Conducts enterprise risk assessment reviews and report out to senior management regarding security issues and metrics – both as an ongoing process and on an as-needed basis.
  • Assists in continual improvement by examining our current security posture and security practices, identifying risks or gaps, and recommending programs to address them.
  • Manages privacy risks including exposures created by cookies and APIs. Maintains Privacy policies and ensures compliance.

Job Requirements:

  • Bachelor’s Degree in Information Security, Cybersecurity, computer science, engineering, Information Systems or related technical field
  • Minimum 5 years hands-on experience in the information security field
  • Extensive and deep knowledge of security and privacy frameworks, standards, and industry best practices.
  • Knowledge of Privacy laws and principles such as GDPR, COPPA, and FERPA
  • Extensive and deep knowledge of tools and techniques used to protect against cybersecurity attacks and respond to incidents.
  • Information Security Certifications such as CISSP, GIAC, ISACA, AWS Security.
  • PMP certification a plus.
  • Experience with GRC tools
  • Exceptional verbal and written communication skills to effectively and accurately communicate with a variety of teams ranging from highly detailed discussions with technical and subject matter experts to executive-level communications required for senior leaders and decisionmakers.
  • Demonstrated working experience with:
    • Security and privacy standards such as ISO, GovRAMP, FedRAMP and/or other industry best practice frameworks.
    • Writing, developing, and maintaining official security and privacy-relevant records and documentation
    • Reducing organizational risk by conducting risk assessments, gap analysis, improvement plans and tracking associated corrective actions or POAMs to closure
    • Developing and executing project management plans for technical projects.
    • Effectively communicating and coordinating with senior business leaders, subject matter experts, technical leaders and third party consultants.
    • Experience of AI Governance highly desirable. Including frameworks such as NIST, ISO42001.

To apply for this opportunity, simply click on the “Apply” button and submit a cover letter and resume.

An Equal Opportunity Employer

We are dedicated to fostering a culture that celebrates unique backgrounds, ideas, and experiences. All qualified applicants will receive consideration for employment without discrimination on the basis of race, color, religion, sex, gender, gender identity/expression, sexual orientation, national origin, protected veteran status, or disability.

Apply once. Then go straight to the hiring manager.

After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.

MR

Marcus Rivera

Chief Revenue Officer

m.rivera@company.com
linkedin.com/in/marcusrivera
Unlocked after you apply
·

IT Security Manager Related jobs

Other jobs at Lexia Learning

Premium

Reach out to the hiring manager directly.

Gain access to the contact details of the hiring managers who actually decide, and reach out to network with them directly. That, plus more when you upgrade:

  • Full match report with fit score and gaps
  • Career diagnostics on how recruiters read you
  • Curated company matches and warm intros
  • 48h early access to new roles

Cancel anytime.