Employment Type- Part-time (15–20 hrs/week); potential to grow to full-time Reports to- VP of Engineering Location- Remote — must be Ontario-based; head office is in Toronto Target Start- As soon as possible About Habitat Learn Habitat Learn is an education technology company focused on making learning accessible for every student. Our products include Messenger Pigeon, an AI-powered platform for learning, note-taking, and live captioning, and Podium Solution, an on-device classroom accessibility platform designed with privacy and security at its core. Our technology is used by educational institutions including Harvard, UC Berkeley, Yale, the University of Toronto, and Humber Polytechnic to support more inclusive and accessible learning environments. We are a design-led company with privacy, security, and data sovereignty as core principles. Podium Solution processes audio entirely on-device by design. We also provide Apple hardware to our team to ensure consistency, security, and performance across our workflows. As we scale across North America, we are formalizing our security and compliance function to support institutional requirements and evolving public-sector standards. About the Role This is a newly created role at Habitat Learn for someone early in their career who is eager to take ownership, learn quickly, and grow within a fast-moving EdTech company. As our first dedicated Security & Compliance Associate, you will support and help strengthen our security and compliance program across multiple frameworks, including SOC 2, ISO 27001, HIPAA, HECVAT, and Texas RAMP. You will not be working alone. We are currently engaged with the Humber Polytechnic Digital Tech Hub for a cybersecurity assessment, followed by ongoing advisory support. This provides a structured foundation, external expertise, and a clear remediation roadmap. Your role will be to help operationalize and execute this roadmap internally. You will work closely with the VP of Engineering and engineering leadership to ensure security and compliance requirements are embedded into day-to-day product and infrastructure operations.

What You’ll Do Compliance & Documentation Support ongoing compliance activities across SOC 2, ISO 27001, HIPAA, HECVAT, and TX-RAMP Collect, organize, and maintain audit evidence and security documentation Help draft and maintain security policies, procedures, and internal standards Complete security questionnaires and HECVAT submissions for institutional procurement Maintain a compliance tracker and support audit readiness activities Cybersecurity Assessment Follow-Through Review findings from the Humber Digital Tech Hub cybersecurity assessment Track remediation tasks and help coordinate follow-up with engineering and leadership Support updates to the risk register and documentation of control gaps and resolutions Act as an internal coordinator for progress tracking and reporting Security Operations Support Support user access controls, provisioning, and offboarding processes Assist with vendor security reviews and BAA tracking Help coordinate internal security awareness and training activities Support Apple device management processes (MDM, Apple Business Manager) Stakeholder Support Support responses to customer security reviews and procurement due diligence requests Assist in preparing compliance and security status updates for leadership Stay informed on relevant privacy and data protection regulations (FERPA, PIPEDA, etc.) How to Apply Attach your resume and a short paragraph in the summary section of the application form (a few sentences is fine). Please include: What program you studied Any exposure to security, privacy, or compliance work Why Habitat Learn interests you This role is open to candidates across Ontario, however candidates in other areas can be considered. We have strong ties with Humber Polytechnic but welcome applicants from any relevant program. Applications are reviewed on a rolling basis.

What We’re Looking For: Education Recent graduate (within 1–2 years) of a diploma or degree in Cybersecurity, Protection & Security Investigation, IT Security, Network Security, or a related field Ontario institutions such as Humber Polytechnic, Seneca Polytechnic, George Brown College, or equivalent programs are strongly welcomed Coursework in cybersecurity frameworks, risk management, or privacy law is an asset Skills & Attributes Strong attention to detail and highly organized approach to documentation Clear written communication skills (policy writing and institutional responses are key parts of the role) Comfortable working independently in a fast-paced, evolving environment Curious about security and privacy, with an interest in understanding underlying systems (not just processes) Ability to manage multiple priorities and stay structured in a startup setting Nice to Have Exposure to frameworks such as SOC 2, ISO 27001, NIST, HIPAA, or similar Familiarity with Apple device management or enterprise IT environments Entry-level certifications (e.g., CompTIA Security+, ISC2 CC) Experience with tools such as Vanta, Drata, Notion, or Jira Prior co-op, internship, or volunteer experience in IT, security, or compliance What You’ll Get: A meaningful first role with real ownership (not an internship-style support role) Direct mentorship from the VP of Engineering and exposure to company leadership Structured guidance through the Humber Digital Tech Hub cybersecurity assessment Hands-on experience across multiple enterprise compliance frameworks Exposure to real institutional procurement and security processes A mission-driven product supporting accessibility in education Remote Employment Health Benefits