Fast Facts

Macmillan Learning seeks a Director of Cybersecurity responsible for developing and executing cybersecurity strategies, integrating security into business operations, and fostering a culture of proactive security awareness for the organization.

Responsibilities: Lead comprehensive cybersecurity strategy, enforce policies, collaborate with leadership, manage risks, ensure compliance, and oversee the Security Operations Center operations.

Skills: Requires extensive knowledge in information security, experience with security technologies, strong communication skills, and a passion for continuous improvement in cybersecurity.

Qualifications: Must have at least 10 years in information security, ideally with prior leadership experience, and relevant cybersecurity certifications; a Master's degree and experience in education/edtech preferred.

Location: Remote employment available, not including specific states such as Alaska and Arkansas.

Compensation: $140000 - $180000 / Annually

At Macmillan Learning, we're committed to driving innovation that transforms education. We seek team members who thrive on pushing boundaries, envisioning future possibilities, and building solutions that make a lasting impact. Whether you're a Pioneer shaping bold new ideas, a Builder turning possibilities into reality, or a Stabilizer optimizing for success, you'll play a vital role in advancing our mission. If you're excited by the prospect of testing new technologies, implementing transformative strategies, and thriving in a fast-paced, innovative environment, we’d love to hear from you!

The Director of Cybersecurity serves as the strategic and operational leader responsible for defining and executing a comprehensive cybersecurity vision for Macmillan Learning. This role ensures the protection of enterprise systems, data, and digital infrastructure by overseeing the development and enforcement of security policies, practices, and technologies. Acting as the organization’s foremost authority on cybersecurity, the Director works across departments to integrate security into business operations, reduce risk, and align security initiatives with corporate and regulatory priorities. The role also drives a culture of proactive security awareness, resilience, and continuous improvement throughout the organization.

Studies have shown that women and people of color are less likely to apply for jobs unless they believe they can perform every job description task. We strongly encourage and welcome applications from individuals of all backgrounds, including women and people of color, to apply for this role. We're eager to meet people that believe in our mission and can contribute to our team in a variety of ways - not just candidates who check all the boxes. We believe in fostering a diverse and inclusive workplace, and we recognize that unique perspectives and experiences contribute to the strength of our team. If you are interested in applying, we encourage you to think broadly about your background and skill set for the role. We value your potential, and we are committed to providing a supportive and inclusive environment where all individuals can thrive and contribute their best.

Responsibilities include, but are not limited to:

• Develop and execute a comprehensive cybersecurity strategy aligned with Macmillan Learning's mission and business objectives.
• Establish and enforce security policies, standards, and procedures to ensure consistent protection across the organization.
•  Collaborate with executive leadership to integrate security considerations into business planning and decision-making processes.
•  Provide regular reports on cybersecurity posture, risks, and initiatives to the CIO and other key stakeholders.
• Identify, assess, and prioritize cybersecurity risks across the enterprise.
•  Ensure compliance with applicable laws, regulations, and standards (e.g., GDPR, CCPA, NIST).
•  Develop and maintain a risk management framework to address emerging and ongoing threats.
•  Liaise with auditors and regulatory bodies during security evaluations and assessments.
•  Support RFP and customer inquiries on Certification and Compliance, dissemination of information on our security practices and posture.
•  Support Crisis Management team and customer communications in the event of an incident.
• Manage the Security Operations Center (SOC) to ensure effective real-time threat analysis and response.
•  Conduct regular security assessments and audits to identify vulnerabilities and implement mitigation strategies.
• Coordinate incident response efforts, ensuring timely resolution and communication with relevant parties.

Required Qualifications:

• Minimum of 10 years of progressive experience in information security, including at least 5 years in a cybersecurity leadership role.
•  Proven hands-on experience with core security technologies such as vulnerability scanners, intrusion detection and prevention systems (IDS/IPS), web application firewalls (WAF), and botnet and DDoS protection solutions.
•  Strong expertise in host and network security standards, configurations, and best practices across hybrid cloud and on-prem environments.
•  Deep knowledge of industry-standard cybersecurity frameworks and regulatory compliance models, including SOC 2, NIST, ISO/IEC 27001, and CIS Controls.
•  Demonstrated ability to manage and deliver complex security initiatives using DevSecOps and agile methodologies.
•  Proficiency in security monitoring, log aggregation, and observability tools such as Splunk, Sumo Logic, Datadog, and Grafana.
•  Exceptional communication skills with the ability to convey complex technical information clearly and effectively to technical and non-technical audiences, both in writing and verbally.
• Track record of applying strong analytical and problem-solving skills in high-stakes, real-world scenarios.
•  A passion for cybersecurity, continuous improvement, and building secure, privacy-first digital experiences.

Preferred Qualifications:

•  Master’s degree in Cybersecurity, Computer Science, Information Assurance, or a related field.
•  Experience in the publishing, education, or edtech industries.
• One or more advanced industry certifications such as CISSP, CISM, CISA, or GIAC Security Leadership (GSLC).
•  AWS Certified Security – Specialty certification, or equivalent demonstrated expertise in securing AWS cloud environments.
• Hands-on experience with AWS development, architecture, or DevOps workflows, particularly in implementing security controls and automation within CI/CD pipelines.
• Background in educational technology, publishing, or SaaS product environments.
• Experience designing security programs for data privacy compliance, including GDPR, CCPA, and FERPA.
• Demonstrated leadership in cross-functional cybersecurity projects, policy development, and organizational change management.
• Active participation in the cybersecurity community through research, presentations, or professional networks.

Salary Range:  $140,000 - $180,000/year

Exemption Status: Exempt

Physical Requirements:

Requires long periods of close concentration and multi-tasking in noisy/busy environment; must be able to travel and work overtime occasionally.

The position is eligible for remote employment, excluding the following locations: Alaska, Arkansas, Hawaii, Mississippi, Nevada, South Dakota, West Virginia, Wyoming. 

Benefits

Regular full-time and qualifying part-time employees and their dependents are eligible for Macmillan benefits, effective on the employee’s date of hire. Macmillan also offers health benefits coverage to qualifying same-sex and opposite-sex domestic partners (may require additional documentation) of active employees.

• Competitive pay and bonus plan
• Generous Health Benefits (Medical, Dental, Vision)
• Contributions to your 401k retirement account through Fidelity 
• Generous paid time off, sick time, floating holidays, and paid holidays (Spring Reset Day , Juneteenth, Indigenous People's Day, Election Day, and more!)
• Employee Assistance Program, Education Assistance Program
• 100% employer-paid life and AD&D insurance
• And much more!

Macmillan Learning is a privately-held, family owned company that improves lives through learning. By linking research to learning practice, we develop pioneering products and learning materials for students that are highly effective and drive improved outcomes. Our engaging content is developed in partnership with the world's best researchers, educators, administrators, and developers. To learn more, please visit macmillanlearning.com or see us on Facebook, Twitter, LinkedIn or join our Macmillan Community. Macmillan Learning is a division of the Holtzbrinck Publishing Group, a family-owned global media company headquartered in Stuttgart, Germany.  

We are an Equal Opportunity Employer. We are actively seeking job applicants who reflect a broad representation of differences, including race, ethnicity, religion, sex, sexual orientation, gender identity/expression, physical ability, neurodiversity, age, veteran, family and economic status and background, geographical background and status, and perspective. We believe that the best companies reflect the incredible diversity in viewpoints, backgrounds, and identities of the world in their staffs, and are committed to inclusive hiring across departments and levels.You can read more about our Diversity, Equity, & Inclusion initiatives here.

The successful candidate for this position will be an employee of Bedford, Freeman & Worth Publishing Group, LLC d/b/a Macmillan Learning. Bedford Freeman & Worth Publishing Group, LLC has developed an affirmative action program in compliance with the NY Department of Education’s guidance. Portions of the affirmative action program are available for review by applicants and employees by contacting Human Resources at Macmillan Learning.