Director, Information Security
Remote
Full Time
#Engineering
#Information Security
#Risk Management
#Security
#Compliance
#GDPR
#CCPA
#SOX
#NIST
#AWS
#GCP
#Cloud Infrastructure
At Nerdy, we are on a mission to transform how the world learns through the power of technology. Our platform leverages AI to connect learners of all ages with experts across thousands of subjects, ranging from academic tutoring to professional certification. As we continue to scale our impact, we are looking for a visionary leader to join our team as the Director of Information Security. This is a unique opportunity to shape the security posture of a fast-growing, consumer-facing organization that is dedicated to making high-quality education accessible to everyone.
The opportunity
As our Director of Information Security, you will serve as a pivotal leader responsible for safeguarding our digital and physical assets. You will be the architect of our security strategy, ensuring that our innovative learning platform remains secure while maintaining compliance with global regulatory standards. You will bridge the gap between complex technical requirements and business objectives, working closely with engineering and leadership teams to foster a culture of security that protects our customers, our data, and our intellectual property.
A day in the life
- You will define and implement comprehensive security policies and procedures, ensuring our cloud infrastructure remains resilient against both internal and external threats.
- You will mentor and inspire our security and IT teams, driving professional development while overseeing all compliance activities related to frameworks like GDPR, CCPA, SOX, and NIST.
- You will act as the primary security advocate for the organization, presenting our security posture to leadership and collaborating with partners across the company to embed security best practices into our product development lifecycle.
Who you are
You are a seasoned security executive with a deep background in software engineering and a passion for protecting consumer-facing platforms. You thrive in environments that require both strategic thinking and the ability to roll up your sleeves when necessary. You possess the following qualifications:
- Over 10 years of experience leading security and risk management programs, ideally within SaaS or PaaS environments.
- A Bachelor’s degree in Computer Science, Engineering, or a related field.
- Extensive expertise in cloud infrastructure, specifically AWS and GCP, and a proven track record of using automation to scale security operations.
- A strong understanding of global compliance requirements, including GDPR, CCPA, and SOX.
- Exceptional communication skills, with the ability to inspire teams and influence stakeholders at all levels of the organization.
- Professional certifications such as CISA, CISM, or CRISC are considered a plus.
Why you'll love it here
We believe in supporting our team members both professionally and personally. By joining us, you will enjoy a remote work environment that offers the flexibility to do your best work from anywhere. Our benefits package is designed to provide security and long-term growth, including:
- Equity compensation in the form of Restricted Stock Units.
- Comprehensive medical, dental, vision, and life insurance plans.
- A 401k plan with company matching.
- A dedicated learning budget and a free membership to our platform for you and your household.
- The chance to play a key role in a company that is fundamentally changing the landscape of online education.




