Role Overview

We're looking for an experienced technical writer with a deep understanding of information security and compliance frameworks to take ownership of a documentation rewrite initiative. This includes restructuring, refining, and rewriting approximately 30 documents related to our client's Information Security Management System in preparation for a mid-September ISO 27001 audit.

This role is best suited to someone who can quickly understand technical content, work independently, and communicate clearly with stakeholders. You'll collaborate directly with the Director of Information Security, the CISO, and a small group of domain experts. The writing must be clear, consistent, and accessible—ideally written at an 8th-grade reading level for broader internal consumption.

Scope and Duration:

• 3 month contract with potential to extend

• 90 hours/month with flexibility for full-time if needed

• Collaboration mostly in Central and Eastern time zones

Key Responsibilities

• Rewrite and improve documentation across several categories:

  • Security policy documents (e.g., Acceptable Use, Access Control)
  • Standard Operating Procedures (e.g., Access Reviews, Offboarding)
  • Incident Response Plans and accompanying playbooks

• Refactor content for clarity, consistency, and alignment with ISO 27001 standards

• Simplify and standardize documents for an 8th-grade reading level where appropriate

• Conduct interviews with internal stakeholders to clarify requirements and resolve ambiguities

• Collaborate directly with the Director of Information Security, CISO, and other domain experts

Required Qualifications

• 5+ years' experience as a technical writer, with proven expertise in security policy and compliance documentation
• Familiarity with ISO/IEC 27001, and preferably other security frameworks (NIST, SOC 2, etc.)
• Ability to confidently challenge, revise, and improve existing material
• Strong communication skills: written, verbal, and interpersonal
• Ability to self-direct, manage feedback loops, and maintain steady output under tight timelines
• Comfortable working in a remote-first environment and engaging across time zones

Preferred Qualifications

• Knowledge of Teams, Confluence or other collaborative documentation platforms
• CISSP or other security-related certifications (a plus but not required)
• Experience working in SaaS or edtech environments

About the Client

Our client is a leading remote-first education technology company serving over 30 million students and 7 million teachers in the U.S. K–12 education sector. Backed by private equity and operating across seven independently run companies, they provide SaaS-based educational tools and large-scale student assessments (e.g., state-administered summative tests). With a workforce of 2,700+ employees and 1,000 contractors, they are undergoing a major security program uplift to align with ISO/IEC 27001 standards.