Head of Security & Privacy

2 months, 3 weeks ago
Full-time
Executive
Cybersecurity
Education Perfect

Education Perfect

Education Perfect provides a comprehensive learning, assessment, and analytics platform tailored for K-12 education, designed to enhance teaching effectiveness through personalized, curriculum-aligned online resources and innovative tools like an AI-po...

Diversified Consumer Services
251-1K
Founded 2007

Description

  • Lead the company’s information security, privacy, and AI governance strategy.
  • Own and maintain the Information Security Management System (ISMS), security policies, and risk framework.
  • Maintain ISO 27001 certification and compliance with frameworks such as ST4S.
  • Ensure compliance with GDPR, the New Zealand Privacy Act, and the Australian Privacy Act as the data protection officer.
  • Oversee security architecture, tooling, vulnerability management, and incident response.
  • Manage the security and privacy risk register and report key risks to senior leadership and the board.
  • Develop and implement AI governance frameworks for responsible and ethical AI use.
  • Lead vendor security and privacy assessments, including third-party risk management.
  • Drive security awareness and training programs across the organisation.
  • Manage external security audits, certification processes, business continuity planning, and cyber insurance.

Requirements

  • Experience leading security and privacy strategy in a cloud-native or SaaS organisation.
  • Strong leadership skills with the ability to influence senior stakeholders and cross-functional teams.
  • Deep knowledge of ISO 27001 and related security frameworks.
  • Relevant certifications such as CISSP, CISM, AIGP, or AWS Certified Security - Specialty are highly regarded.
  • Strong understanding of cloud security architecture, particularly AWS, and modern application security practices.
  • Experience working with DevOps environments and secure software development practices.
  • Experience implementing security monitoring, alerting, and incident response processes.
  • Strong knowledge of privacy regulations including GDPR and the New Zealand and Australian Privacy Acts.
  • Experience with data governance, classification, retention policies, and lifecycle management.
  • Understanding of AI risks and governance frameworks, including bias, transparency, and responsible use.

Benefits

  • Employee Equity Bonus Plan with equity bonuses that foster ownership and shared growth.
  • Christmas shutdown leave with a full company shutdown during the week of Christmas and 3 extra days of paid leave.
  • One paid volunteer day per year.
  • Option to buy an extra week of annual leave.
  • Work from anywhere for up to 90 days per year from a different state or country.
  • Pre-tax $750 NZD end-of-year wellness bonus.
  • Fully funded Southern Cross Wellbeing 1 health insurance plan, with optional add-ons and family cover.
  • Remote/hybrid home set-up support and a $50 NZD monthly communication allowance.
  • Parental leave support, including full-pay top-up for primary caregivers, paid leave for secondary caregivers, and New Parents Leave.
  • 24/7 confidential Employee Assistance Program through Sonder, fully funded by EP.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Manager of Identity Access Management

Hasbro 5K-10K Consumer Goods

Wizards of the Coast is seeking a Manager, Identity Platform Engineering to lead the enterprise identity systems that secure access across its internal studios and multi-cloud environment.

Active Directory AWS OpenID Connect SAML
8 hours, 17 minutes ago

Director of Licensing and Compliance

Splitero 11-50 Banks

Splitero is hiring a Director of Licensing and Compliance to build and lead its state lending and MLO licensing program as the company expands into new markets.

9 hours, 2 minutes ago

IT & Compliance Auditor

AJAIA | AI Consultancy 1-10 management consulting

Ajaia is hiring an IT & Compliance Auditor to manage compliance programs, security audits, and risk management across its multi-cloud consulting and product environment as the company scales into regulated industries.

Azure HIPAA
9 hours, 2 minutes ago

Systems & Security Administrator

AJAIA | AI Consultancy 1-10 management consulting

Ajaia is seeking a Systems & Security Administrator to own internal IT operations, cloud infrastructure, and security controls for a fast-moving, distributed AI consultancy and product studio.

Ansible Azure Bash GCP HIPAA PowerShell Puppet Python Terraform
9 hours, 2 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers