CVT is excited to announce our search for a Cybersecurity Lead to join our global staff.
This is CVT’s first-ever position dedicated to information security, and the person filling this role will have the full support of the organization as they lead holistic efforts to improve cybersecurity at CVT, and to nurture a culture of cybersecurity among staff.
This position will play a critical role in support of survivors of torture and war trauma, human rights defenders, activists, and other at-risk individuals and organizations around the world. The ideal candidate for this position will be someone who is enthusiastic about continuously developing their skills and expertise across a number of information security domains as they work creatively and collaboratively to find solutions to combat the complex threats faced by our organization, our partners, and the people we help.
The Cybersecurity Lead will work closely and collaboratively with a wide range of staff and partners based in the United States, Middle East, and Africa, to evaluate and improve our management of cybersecurity risks. They will partner with staff in the development and maintenance of cybersecurity controls, policies, procedures, processes, workflows, and guidance which will govern technology tools and systems. They will work to build staffs’ awareness of information security, and will coordinate efforts to educate, train, and evaluate staffs’ understanding of information security.
In addition, the Cybersecurity Lead will monitor systems, identify risks, analyze threats, remediate vulnerabilities, and perform incident response. They will administer systems which protect CVT technology, and configure the security-related aspects of various technology tools across the organization.
Monitor systems, analyze threats, and perform incident response.
Use modern systems and techniques to detect, analyze, and respond to vulnerabilities, suspicious patterns, malicious activity, intrusions, accidental data leaks, etc. Automate notifications for unusual or high-risk activity. Perform timely remediation of published vulnerabilities. Coordinate regular vulnerability scanning and penetration testing.
Develop and maintain cybersecurity controls, policies, procedures, processes, workflows, and guidance. Collaborate with CVT departments and programs to understand threat models, conduct risk analyses, and help decision makers achieve effective management of risks while allowing business objectives to be met. Use relevant cybersecurity frameworks to develop practical, well-informed cybersecurity policies, procedures, processes, workflows, and guidance for on-prem, SaaS, PaaS technology systems. Continuously evaluate cybersecurity of existing technology and new technology proposed and make recommendations for improvement.
Design and administer cybersecurity systems. Develop and apply secure configurations. Install, configure, and maintain cybersecurity systems for managing endpoints, log collection and analysis, network monitoring, email and content filtering, and related activities. Perform and document hardening of devices and systems. Automate cybersecurity-related maintenance tasks.
Promote a culture of cybersecurity awareness. Communicate digital-hygiene best-practices to staff. Coordinate staff cybersecurity training and evaluation. Convene and facilitate a community of individuals who serve as cybersecurity focal points representing a cross-section of the organization. Participate in development of the IT strategic plan. Partner with other departments and programs throughout CVT to aid in their ability to integrate cybersecurity best-practices into their plans and budgets. Collaborate with ISACs and other peers to keep current on the state of cybersecurity.
Other Duties: Participate in other department and organization-wide activities, meetings and trainings. Complete administrative responsibilities. Perform other duties as assigned.
Required education, experience, certificates, licenses or registrations
Preferred education, experience, certificates, licenses or registrations
Competencies (knowledge, skills and abilities)
Supervisory Responsibilities: None
Physical Demands: While performing the duties of this job, the employee is regularly required to talk and hear. This position requires the ability to occasionally lift office products and supplies, of up to 5 pounds.
Travel: Some travel is required, up to 15%
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions and physical demands
Responsibilities described above are not a comprehensive list and additional tasks may be assigned to the employee from time to time as necessitated by organization needs