New

Director, Data Security & Compliance

Full-time

Remote

Deadline

June 27, 2025

About the organization

DataKind logo

DataKind

Organization type

Consultancy

In A Nutshell

Location

Remote Anywhere in USA

Salary

$150,000-$170,000

Job Type

Full-time

Experience Level

Mid-level

Deadline to apply

June 27, 2025

Develop and implement a comprehensive data security strategy for DataKind, focusing on our enterprise education and communities platforms and products.

Responsibilities

Data Security Implementation

  • Finalize and execute a comprehensive data security strategy aligned with organizational goals, grant deliverables, and product roadmaps.
  • Design, implement and maintain data security infrastructure, policies, controls, and procedures across all product environments.
  • Create and manage security protocols including data access control, encryption, and data loss prevention.
  • Conduct regular data security assessments, vulnerability testing, and risk evaluations.
  • Implement data breach response procedures and lead incident investigations when necessary.

Compliance Management

  • Set up organization’s implementation of ISO27001 in preparation for a SOC2 audit.
  • Ensure organizational adherence to education data privacy regulations including FERPA and GDPR.
  • Establish data governance policies that protect student information while enabling product functionality.
  • Monitor regulatory changes and update data security practices accordingly.
  • Maintain documentation needed for compliance verification and audits.
  • Build external partnerships with data security vendors and compliance consultants to extend capabilities.

Cross-Functional Leadership

  • Partner with engineering and product teams to integrate data security considerations into the development lifecycle.
  • Work closely with the Senior Director, Engineering to align data privacy requirements with technical initiatives.
  • Collaborate with Education Partnerships and Customer Success team members to address data security concerns from educational institutions and users.
  • Advise executive leadership on data risk management and resource allocation.
  • Educate staff across the organization on data protection best practices and compliance requirements.
  • Create a scalable data security and compliance function that can grow with organizational needs.

Education-Specific Data Protection

  • Develop specialized protocols for protecting student data in educational contexts.
  • Enable secure data sharing in compliance with educational privacy requirements.
  • Implement age-appropriate data security measures for student-facing applications.
  • Build security systems that accommodate the unique data handling needs of educational environments.

Grant Management & Milestone Achievement

  • Align data security planning and resource allocation with grant commitments and milestone requirements.
  • Make strategic decisions to prioritize security initiatives that fulfill grant obligations while advancing protection goals.
  • Establish KPIs and reporting frameworks for data security and compliance functions.
  • Establish tracking systems to monitor compliance progress against grant milestones and deliverables.
  • Work with leadership to prepare data security components of grant reports and future funding proposals.
  • Balance innovation with the disciplined execution required to meet grant-specified security outcomes.

Skillset

  • Alignment and enthusiasm for DataKind’s mission and values.
  • 8+ years of experience in data security and privacy, with at least 3 years focused on compliance and regulatory requirements.
  • Demonstrated experience with education-specific privacy regulations, particularly FERPA.
  • Experience directly implementing ISO27001 or a similar data security frameworks in cloud-based software environments.
  • Experience with SOC2 audit processes.
  • Understanding of security requirements for products handling sensitive student information.
  • Networking engineering skills to set up, maintain and document technical security infrastructure.
  • Knowledge of secure data handling practices and ability to guide engineering teams.
  • Strong project management skills to handle multiple data security initiatives simultaneously.
  • Bachelor’s degree in Computer Science, Information Security, Data Management, or related field.

Spot any inaccurate information? Have a job to share? Let us know.