IT & Security Lead

Equal Access to High-Quality Education Moves Our World ForwardMeet Cadmus!At Cadmus, we believe every student should have equal opportunity to achieve academic excellence; that's why we're changing how the world learns!Cadmus is a global EdTech company purposefully built for the higher education sector to break down global learning barriers by providing educators and diverse student cohorts with access to high-quality learning and assessment. Built on rich, student-centric values, Cadmus empowers individuals to achieve their highest potential and graduate with the critical skills and knowledge to profoundly impact our workforces, communities, and evolving world.A Bold Plan for Global ImpactAt Cadmus, we're working hard in pursuit of an ambitious, world-shaping goal: to provide 1 billion students with access to high-quality education by 2050.That's why we need a dedicated and skilled IT & Security Lead team member to join our efforts in transforming education.RequirementsWe are looking for a highly experienced and pragmatic IT & Security Lead to own our entire internal technology, security, and compliance landscape. This is a senior individual contributor role, reporting directly to the Chief Product Officer. You will be responsible for building and scaling our security and IT functions from the ground up.You are a great fit if you demonstrate:Deep expertise in achieving and maintaining key security certifications like ISO 27001 and Cyber Essentials PlusA proven track record of managing vulnerability assessments, penetration tests, and remediation cyclesSignificant experience in fast-paced startup or small-scale companies, understanding how to make smart, risk-based tradeoffs rather than "gold-plated" systemsA pragmatic problem-solver responsible for driving organisation-wide compliance, creating sensible policies, and managing exceptions smartly and quicklyA massive plus would be technical skills in Python scripting or full-stack development, enabling process automation and collaboration with the engineering teamThe ability to balance strategic GRC (Governance, Risk, Compliance) with hands-on IT operations and SecOpsYou Will: Strategy & Governance: Develop, implement, and own the company-wide security, compliance, and IT roadmap. Stay up to date with evolving threats, vulnerabilities, and regulatory requirementsCertification & Audits: Lead the end-to-end process for achieving and maintaining critical certifications (e.g., ISO 27001, Cyber Essentials Plus), interfacing directly with auditors. Lead internal and external audits, and manage third-party security assessmentsCustomer Trust & Vendor Management: Respond to and complete customer security questionnaires and due diligence requests. Provide strategic guidance and oversight to vendors, ensuring adherence to agreed-upon SLAs and KPIsPolicy & Operations: Define, document, and enforce security and IT policies across the organization. You will establish and manage a pragmatic process for handling exceptionsSecurity Operations (SecOps): Manage and coordinate all vulnerability assessments and penetration testing, overseeing the timely remediation of findings. Implement and manage security tooling for threat detection, incident response, and data protectionIncident Response: Act as the primary incident commander for any security events or breaches, managing the full lifecycle from detection to post-mortem. Ensure excellent communication to stakeholders, providing timely and accurate updates during incidentsIT Operations: Oversee all internal IT functions, including helpdesk operations, hardware/software provisioning (macOS/Windows), asset management, and MDM solutionsIdentity & Access Management (IAM): Administer core SaaS platforms (e.g., Google Workspace/Microsoft 365) and own the IAM strategy, ensuring secure and scalable processes for onboarding, offboarding, and access controlCollaboration: Partner with the Engineering team to embed security best practices into the SDLC (DevSecOps) and advise on product securityBenefitsCadmus Employee BenefitsLearning allowances; because we don't just have words on a website, we genuinely do what we say and provide educational opportunities to all (including the Cadmus team)A diverse and inclusive workplace where there are no barriers to anyone succeedingA surrounding team of mission-driven individuals who genuinely love what they doHiring ProcessPlease apply online with your resume, and instead of a cover letter, we would love you to answer a few questions.While we review your application, get to know us by visiting cadmus.io (check out our values quiz!) and following our social channels (Linkedin, Facebook and Twitter).Inclusivity at CadmusAt Cadmus, we hire great people from a wide variety of backgrounds because it makes our company stronger. We never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, or disability status. If you share our values and our enthusiasm for education, you will find a home at Cadmus.If you need assistance or accommodations made due to a disability, please let us know.