Director, Security
Varsity Tutors, a Nerdy Company · United States · 3 wk ago
RemoteRemoteInformation TechnologyFull-time
About the role
The Director of Security will lead the information security strategy and enterprise IT operations at Nerdy. This role will build and scale security programs, protect company and customer data, and ensure reliable, efficient IT infrastructure across the organization. The Director will partner closely with Engineering, Legal, and executive leadership to balance risk management with business velocity.
Qualifications
- 10+ years of experience in information security, with 5+ years in leadership roles
- Proven track record building and scaling security programs in a fast-paced technology environment
- Deep knowledge of security frameworks and compliance standards (SOC 2, ISO 27001, NIST, GDPR, CCPA)
- Strong understanding of cloud security (AWS, GCP, or Azure), identity management, and modern IT operations
- Experience leading incident response and managing security risk
- Demonstrated ability to manage budgets, vendors, and cross-functional stakeholders
- Excellent communication skills, including the ability to present to executives and the board
- Bachelor's degree in Computer Science, Information Security, or related field, or equivalent experience
- Relevant certifications (e.g., CISSP, CISM, CISA) are a plus
Responsibilities
- Define and execute the company's overall security strategy, roadmap, and governance framework
- Build, lead, and mentor a high-performing team across information security
- Establish and maintain security policies, standards, and incident response procedures
- Oversee enterprise IT operations including endpoint management, identity and access management, and SaaS administration
- Lead security compliance efforts and audits (e.g., SOC 2, ISO 27001, GDPR, CCPA)
- Manage vulnerability management, threat detection, and security monitoring programs
- Partner with Engineering to embed security best practices into the software development lifecycle
- Own vendor relationships and budget for security and IT tools and services
- Report on security posture, risk, and key metrics to executive leadership and the board
- Drive security awareness training and a culture of security across the organization