In 2016, Coursera began hosting accredited online Master's degrees provided by university partners, which provide a more convenient, lower-cost, stackable means of earning credentials identical to their traditional on-campus counterparts.
We also launched Coursera for Business, partnering with enterprise companies around the world to provide access to curated skill development for their employees, now serving 900+ customers.
You personally exhibit a conviction that the world needs Coursera to be wildly successful and alignment with our core values:
Betterment: a tireless pursuit to drive results
Boldness: take risks and act decisively
Deep Honesty: invite and offer candid feedback in order to learn, change, and grow
Solidarity: recognize that we are part of something bigger than ourselves and are committed
Your Responsibilities:
Implement and manage the Information Security Program including security incident response, vulnerability management, data protection, and risk management
Undertake and lead regulatory readiness assessments and development of appropriate compliance strategies (SOC2, FERPA, ISO27001, NIST, etc.)
Driving and achieving SOC2 type2 certification in the first year
Documenting and maintaining security policies, standards, guidelines, processes and procedures, and other related documents, as requested, and representing the Security Team during internal and external audits
Working with Sales, lead the response to customer questionnaires dealing with our security and data protection policies.
Review Information Security and privacy related requirements in contracts and provide input to Legal Team
Maintain company security breach response documentation and provide necessary training and periodic tabletop exercises for the extended CIRT team
Establishing and coordinating remediation and mitigation for identified security risks
Ensuring technical security controls are in place, maintained and audited on a periodic basis
Your Skills:
5+ years of working experience in an Information Security and Compliance role
Have solid knowledge of ISO 27001, NIST and other information security standards and ideally have some experience implementing these standards
Industry-standard security certification(s) a plus: CISSP, CISA, CISM, etc.
Previous experience reviewing / writing security related legal documents is a plus
Solid foundation and good technical knowledge of security engineering, computer and network security, authentication, security protocols and applied cryptography
Self-motivated and results-oriented
Excellent interpersonal and communication skills