Build, remix and share AI-powered educational tools.
Head of Privacy & Security
Location
United States
Posted
1 day ago
Salary
0
Seniority
Lead
Job Description
Head of Privacy & Security
Playlab
• Lead our security and privacy efforts and protect the students, educators, and partners who use the platform. • Drive the security engineering, compliance, and privacy programs forward with end-to-end ownership of risk and customer assurance. • Promote effective and thoughtful decision making to reduce uncertainty and increase organizational velocity. • Stand up SIEM and detection engineering pipelines to alert on and investigate anomalies before they turn into incidents. • Standardize and enforce RBAC on critical systems, including non-human and AI agent identities. • Add LLM-assisted and highly contextual code analysis to security-relevant pull requests, addressing tenant isolation and prompt injection threats. • Design data de-identification and isolation approaches for privacy-by-design use cases. • Keep an up-to-date risk register and security roadmap, communicating clearly through regular updates. • Support engineering team with secure design reviews that provide actionable and tradeoff-informed recommendations. • Equip customer-facing teams with top-notch trust center content, including security knowledge bases and customer assurance collateral. • Lead SOC 2 compliance operations and audits to reduce overhead on engineering and support teams. • Lead the incident response function to ensure rapid recovery capabilities. • Partner with Trust and Safety on child safety and responsible AI deployments. • Work cross-functionally to build partnerships instead of roadblocks.
Job Requirements
- 7+ years in security roles, with at least 3 years in leadership positions
- Background implementing security controls in fast-moving engineering organizations - you know how to balance security with velocity
- Demonstrated examples of projects tackling AppSec challenges and integrating with software development (DevSecOps)
- Experience securing container-based cloud environments (Playlab is on AWS EKS) including IAM, virtual network security, and logging and auditing capabilities
- Experience leading GDPR compliance and SOC 2 audits
- Excellent writing and communication abilities, turning complicated problems into actionable consensus.
- Bonus Points For...
- Background in education data privacy (e.g. FERPA, COPPA)
- Experience defending systems from AI threats (e.g. prompt injection)
- Experience in nonprofit or mission-driven organizations.
Benefits
- Flexible work
- Competitive pay & benefits
- Includes salary, healthcare, retirement, generous time off, and opportunities for professional growth.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Senior Security Engineer I – GRC FedRAMP
SmartsheetFounded in 2005, Smartsheet offers collaborative work management and process automation to empower greater enterprise productivity. A leading cloud-based platfo
• Own FedRAMP and GovRAMP (formerly StateRAMP) certifications and roadmaps: Lead the overall strategy for obtaining and maintaining federal authorizations, including package management, compliance timelines, and authority coordination. • Manage 3PAO relationships and assessments: Work with accredited third-party assessment organizations to conduct initial assessments and annual re-assessments. Coordinate scoping, evidence preparation, testing coordination, and results validation. • Lead continuous monitoring (ConMon) execution: Oversee the delivery of monthly, annual, and event-driven FedRAMP deliverables including vulnerability scans, penetration testing, system security plan updates, and compliance reporting. • Manage Plans of Action and Milestones (POA&M) processes: Own the identification, prioritization, tracking, and remediation of findings. Ensure timely closure of Critical (30 days), High (30 days), and Moderate (90 days) findings while coordinating with engineering and security teams. • Coordinate significant change requests and system modifications: Work with product and engineering to document, scope, assess, and obtain agency approval for system changes that impact security controls or compliance posture. • Engage with authorizing officials and federal agencies: Build and maintain relationships with government sponsors, CIOs, and agency decision-makers. Provide regular status updates, respond to questions, and demonstrate authorization compliance. • Prepare comprehensive assessment packages: Lead the development of System Security Plans (SSP), Security Assessment Plans (SAP), risk exposure tables, and supporting documentation required for audits. • Drive compliance automation and efficiency: Identify opportunities to automate evidence collection, simplify reporting, and reduce manual effort while maintaining rigor and auditability.
• Provide one-on-one consultations to assess SSI eligibility. • Evaluate household composition, countable income, resource levels, deeming, and state-specific variations. • Explain SSI application steps, documentation requirements, and pathways, including CAL, TERI, Presumptive Disability, Disabled Adult Child, and 1619(b). • Manage cases from creation to closure with accurate documentation. • Maintain expert-level knowledge of SSI regulations, Medicaid eligibility rules, POMS guidance, and SSA processes. • Meet or exceed FEDlogic QA quality standards and participate in internal improvement initiatives. • Any other duties as assigned by leadership.
Principal Enterprise Security Architect
IntelanceEnterprise Architecture. Cybersecurity. AI Operating Models. We build strategic systems for the future of business.
Role Description We are appointing a small number of Principal Enterprise Security Architects to our associate panel. This is not permanent employment. Assignments will be offered according to client demand, suitability and availability. There is no guaranteed volume of work. - Lead independent security architecture reviews for complex enterprise environments. - Assess cloud, on-premises and hybrid architectures across identity, networks, endpoints, applications, platforms and data. - Review security requirements, architecture decisions, trust boundaries and control designs. - Carry out threat modelling and identify credible attack paths and design weaknesses. - Assess identity and access management, network segmentation, encryption, logging, resilience and recovery arrangements. - Judge whether proposed alternative controls provide equivalent protection. - Review high-level and detailed designs and challenge unsupported assumptions. - Work alongside governance and risk advisors, enterprise architects and technical assessors. - Turn technical findings into clear decisions and recommendations for executives and boards. - Produce client-ready architecture findings, diagrams and assurance reports. - Complete scheme-specific training and participate in internal quality reviews where required. Qualifications - Substantial experience as a Principal Security Architect, Enterprise Security Architect or security design authority. - Experience designing or assuring complex systems in large or regulated organisations. - Strong knowledge of secure-by-design principles, threat modelling and architecture assurance. - Practical experience across cloud, hybrid infrastructure, identity, networks, applications and data security. - The ability to distinguish genuine security requirements from unnecessary complexity. - Excellent written English and the ability to explain technical risks to non-technical decision-makers. - We are particularly interested in applicants who hold UK Cyber Security Council professional registration at Principal or Chartered level in Secure System Architecture & Design. - We will also consider candidates who can demonstrate experience aligned with Chartered level and are willing to undergo formal professional assessment. - SABSA, TOGAF, CISSP, CCSP and cloud architecture certifications are useful, but do not replace the professional registration requirement. - You must be based in the UK, able to attend UK client sites when agreed, and able to contract through a limited company or another compliant arrangement. Benefits - Senior architecture and assurance assignments. - Flexible associate working based on your availability. - Direct access to Intelance leadership. - Work alongside experienced enterprise architects, risk advisors and technical assessors. - Clear scopes and independent advisory responsibilities. - Potential inclusion in Intelance proposals and associate credentials, subject to agreement. Company Description Intelance is a strategic consultancy specialising in Enterprise Architecture, AI transformation, and cybersecurity. We help organisations design the systems, structures, and operating models needed to scale, secure, and lead in a volatile world. Our team combines TOGAF-based architecture thinking with cybersecurity governance (Cyber Essentials, ISO 27001), cloud-native patterns, and AI operating model design. From EA blueprints to Zero Trust frameworks to AI adoption roadmaps - Intelance transforms complexity into strategic clarity. We serve public and private sector clients across the UK, Africa, and the Middle East - particularly in regulated industries such as government, healthcare, finance, energy, and pharma.
Role Description Own and optimize the organization's core network security platforms, ensuring the availability, performance, and protection of critical systems across a large-scale enterprise environment. - Serve as the senior technical escalation point for complex security, firewall, and network access control issues, leading root-cause analysis, incident response, and problem resolution efforts. - Drive continuous improvement of the security environment through policy optimization, segmentation initiatives, automation, and operational enhancements across Palo Alto, Fortinet, and NAC platforms. Qualifications - High School diploma equivalency with 2 years of cumulative experience OR Associate's degree/Bachelor's degree with 1 year of experience OR 5 years of applicable cumulative job specific experience required. - 2 years of leadership or management experience preferred. - 8–10+ years of hands-on experience in network/security engineering. - Proven experience operating in large-scale, enterprise environments. - Deep, hands-on expertise with: - Palo Alto Networks firewalls - Fortinet security platforms - Cisco ISE and/or Aruba ClearPass - Strong knowledge of: - Firewall operations, policy management, and segmentation - Authentication protocols (802.1X, RADIUS, TACACS+) - VPN technologies (IPSec, SSL VPN) - Demonstrated ability to troubleshoot complex, multi-layered issues under pressure. Benefits - Paid time off (PTO) - Various health insurance options & wellness plans - Retirement benefits including employer match plans - Long-term & short-term disability - Employee assistance programs (EAP) - Parental leave & adoption assistance - Tuition reimbursement - Ways to give back to your community



