Director of Information Security and Compliance (Remote, United States)

Director of Information Security and Compliance (Remote, United States) 

WHO WE ARE 

ETR (Education, Training and Research) is a national non-profit passionate about our mission to improve health and increase opportunities for youth, families and communities. We seek to promote equity and justice through understanding and addressing the ways health and education outcomes are influenced by the complex interactions between people and their environment. As a learning organization with a focus on mission-driven impact, we value diversity and inclusion of different perspectives and ideas, collaboration and continuous learning, both within the organization and in our partnerships.  We are looking for people who share our passion for health equity, social justice and learning.  

THE IMPACT WE ARE LOOKING TO MAKE  

We envision a world where all people have the information, skills and opportunities to lead healthy lives. With the purpose of reducing disparities and increasing equity in health and education, we uplift and support our partners to do work across the country and around the globe in advancing health equity for youth, families and communities.   

We achieve our vision and mission by linking innovation and research to practice. We drive the science through program development, applied research and evaluation and scale innovation through capacity building and dissemination.  

HOW YOU CAN CONTRIBUTE 

The Director of Information Security and Compliance will be responsible for designing, implementing, and maintaining ETR’s information security and compliance programs. Reporting directly to the COO, this role is critical for ensuring that all internal IT systems, digital products, and client-facing operations meet regulatory and security standards, including SOC2, HIPAA, FERPA, and NIST 800-171/800-53. The Director will work collaboratively with cross-functional teams, including product development, web development, IT infrastructure, business development, sales, and marketing, to maintain security and compliance best practices. 

This role also involves managing external relationships with third-party tool providers, auditors, and consultants, as well as responding to customer inquiries regarding the organization's compliance posture. The Director is responsible for guiding the final stages of the compliance program, with a strong focus on documenting policies, procedures, processes, and evidence. This position works remotely and can be located anywhere in the United States. 

CULTURAL ATTRIBUTES 

• You possess excellent communication and relationship-building skills with colleagues, partners and clients with utmost integrity, courtesy and diplomacy.  

• You are capable of embracing the ideas of others and seek to understand others’ points of view in order to further our shared mission and vision.  

• You enjoy working independently as well as collaboratively to meet goals and deadlines. 

• You are capable of using technology to effectively and professionally communicate with co-located and remote colleagues.    

• You are self-motivated and capable of strategically prioritizing multiple tasks in a fast-moving environment. 

• You embrace a spirit of learning and curiosity in your work and proactively seek out answers and solutions to questions and challenges that arise.  

WHAT YOU’LL NEED TO BE SUCCESSFUL 

Education & Experience:  

• Bachelor’s degree in information security, IT management, or a related field is required. 

• A minimum of 7 years of experience in IT security and compliance, with a focus on SOC2, HIPAA, FERPA, and NIST frameworks. 

• Experience in K-12 education technology or government contracting preferred. 

• Strong background in managing security tools, including Vanta, AWS, Microsoft 365, and observability platforms like Datadog. 

• Proven experience collaborating across multiple departments and managing external auditors and compliance engagements. 

Skills & Knowledge: 

• Deep understanding of regulatory frameworks including SOC2, HIPAA, FERPA, and NIST CSF/800-171/800-53. 

• Experience using and managing GRC applications (e.g., Vanta) and security tools in cloud environments (AWS, Microsoft 365, Azure). 

• Proven ability to manage third-party vendor relationships and external audits. 

• Strong skills in policy development, risk assessment, and compliance reporting. 

• Highly developed people skills; ability to work with diverse groups of people. 

• Ability to work independently and take initiative while maintaining strong collaboration across departments. 

• Excellent written and verbal communication skills, with the ability to present complex security concepts to technical and non-technical stakeholders. 

• Strong organizational skills and the ability to handle multiple priorities in a fast-paced environment. 

• Dexterity with the unknown and the ability to rapidly learn. 

• Proven leadership of cross-functional teams and vendor management. 

• Strategic planning experience, particularly in building product roadmaps and aligning with business needs. 

• Ability to influence stakeholders, manage budgets (including government-funded projects), and execute through cross-functional agile teams. 

• Strong analytical, organizational, communication, and problem-solving skills. 

• Understanding of scalable digital products, content management, SaaS, and B2B service delivery. 

• Capable of leading complex projects from inception to completion, with a demonstrated ability to motivate teams. 

• Willingness to travel (5-10%). 

• The use of a personal vehicle or rental car for ETR business will require a valid driver’s license and proof of insurance. 

Location: Remote – Anywhere in the United States.  

Starting Pay Range: $136,400 to $166,700 annually. The typical hiring range for this position is $136,400 to $151,500 at 100% FTE. The starting salary is determined based on the candidate’s knowledge, skills, and experience.  

WORKING AT ETR 

ETR employees enjoy a competitive salary, amazing 401(K) and health benefits as well as generous PTO and holiday pay.  You will contribute to making a difference in the world!  

For more detailed information about this position and ETR, please visit our website: 

www.etr.org 

To apply for this position, please submit your resume to:  

https://www.etr.org/about-us/careers/ 

ETR is proud to be an Equal Opportunity Employer 

EEO and AA Employer/VET/Disabled 

ETR is an equal opportunity employer and supports a vision where all staff – regardless of race, ethnicity, sexual orientation, gender identity, age, socioeconomic background, or religious affiliation – feel there is space for a diversity of experiences to be represented, respected and valued. 

Salary : $136,400 - $151,500