IT & Security Lead

1 day ago Be among the first 25 applicants Get AI-powered advice on this job and more exclusive features. Equal Access to High-Quality Education Moves Our World Forward Meet Cadmus At Cadmus, we believe every student should have equal opportunity to achieve academic excellence; that's why we're changing how the world learns Cadmus is a global EdTech company purposefully built for the higher education sector to break down global learning barriers by providing educators and diverse student cohorts with access to high-quality learning and assessment. Built on rich, student-centric values, Cadmus empowers individuals to achieve their highest potential and graduate with the critical skills and knowledge to profoundly impact our workforces, communities, and evolving world. A Bold Plan for Global Impact At Cadmus, we're working hard in pursuit of an ambitious, world-shaping goal: to provide 1 billion students with access to high-quality education by 2050. That's why we need a dedicated and skilled IT & Security Lead team member to join our efforts in transforming education. Requirements Deep expertise in achieving and maintaining key security certifications like ISO 27001 and Cyber Essentials Plus A proven track record of managing vulnerability assessments, penetration tests, and remediation cycles Significant experience in fast-paced startup or small-scale companies, understanding how to make smart, risk-based tradeoffs rather than "gold-plated" systems A pragmatic problem-solver responsible for driving organisation-wide compliance, creating sensible policies, and managing exceptions smartly and quickly A massive plus would be technical skills in Python scripting or full-stack development, enabling process automation and collaboration with the engineering team The ability to balance strategic GRC (Governance, Risk, Compliance) with hands-on IT operations and SecOps You Will: Strategy & Governance: Develop, implement, and own the company-wide security, compliance, and IT roadmap. Stay up to date with evolving threats, vulnerabilities, and regulatory requirements Certification & Audits: Lead the end-to-end process for achieving and maintaining critical certifications (e.g., ISO 27001, Cyber Essentials Plus), interfacing directly with auditors. Lead internal and external audits, and manage third-party security assessments Customer Trust & Vendor Management: Respond to and complete customer security questionnaires and due diligence requests. Provide strategic guidance and oversight to vendors, ensuring adherence to agreed-upon SLAs and KPIs Policy & Operations: Define, document, and enforce security and IT policies across the organization. You will establish and manage a pragmatic process for handling exceptions Security Operations (SecOps): Manage and coordinate all vulnerability assessments and penetration testing, overseeing the timely remediation of findings. Implement and manage security tooling for threat detection, incident response, and data protection Incident Response: Act as the primary incident commander for any security events or breaches, managing the full lifecycle from detection to post-mortem. Ensure excellent communication to stakeholders, providing timely and accurate updates during incidents IT Operations: Oversee all internal IT functions, including helpdesk operations, hardware/software provisioning (macOS/Windows), asset management, and MDM solutions Identity & Access Management (IAM): Administer core SaaS platforms (e.g., Google Workspace/Microsoft 365) and own the IAM strategy, ensuring secure and scalable processes for onboarding, offboarding, and access control Collaboration: Partner with the Engineering team to embed security best practices into the SDLC (DevSecOps) and advise on product security Benefits Learning allowances; because we don't just have words on a website, we genuinely do what we say and provide educational opportunities to all (including the Cadmus team) A diverse and inclusive workplace where there are no barriers to anyone succeeding A surrounding team of mission-driven individuals who genuinely love what they do Hiring Process Please apply online with your resume, and instead of a cover letter, we would love you to answer a few questions. While we review your application, get to know us by visiting cadmus.io (check out our values quiz) and following our social channels (Linkedin, Facebook and Twitter). Inclusivity at Cadmus At Cadmus, we hire great people from a wide variety of backgrounds because it makes our company stronger. We never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, or disability status. If you share our values and our enthusiasm for education, you will find a home at Cadmus. If you need assistance or accommodations made due to a disability, please let us know. Seniority level: Mid-Senior level Employment type: Full-time Job function: Information Technology Industries: IT Services and IT Consulting #J-18808-Ljbffr