Senior Director, IT Security and Compliance

Company: CONSERVATION INTERNATIONAL
Location: Arlington
Posted on: May 12, 2022

Job Description:

Senior Director, IT Security and ComplianceThe COVID-19 pandemic continues to be a global challenge. Due to the fluidity of the situation, we periodically reassess our plans to reopen our offices. For the safety of our employees, our approach is tailored to the situation in each of the 30 countries we operate in. Travel is only conducted when absolutely necessary and safe to do so. Hiring managers will provide guidance on remote, hybrid, or on-site work arrangements in accordance with country-specific safety policies.Conservation International protects nature for the benefit of humanity. Through science, policy, fieldwork, and finance, we spotlight and secure the most important places in nature for the climate, biodiversity, and for people. With offices in 30 countries and projects in more than 100 countries, Conservation International partners with governments, companies, civil society, Indigenous peoples, and local communities to help people and nature thrive together.POSITION SUMMARYAre you passionate about cybersecurity and believe that people need nature to thrive? Do you want to work within a team committed to conservation, and be able to use your knowledge of IT Security and Compliance to help keep our organization secure? Do you want to contribute to building a healthier, more prosperous, and more productive planet?Conservation International's Global Information Technology Team supports our 1100 colleagues globally, in over 30 countries around the globe. Our diversity is one of our greatest strengths, and we are in search of an addition to our team to lead our cybersecurity program. The Senior Director, IT Security, and Compliance is a crucial position to ensure that our systems and users can operate securely and effectively. A dedicated security professional with strong communication skills and a solid background in technology and cybersecurity is what we are seeking. The incumbent will also support IT procurement initiatives involving vendor vetting and validation of SOC reports and provide input into Requests for Proposals and evaluating proposal responses from the cybersecurity perspective.RESPONSIBILITIESProvide oversight and accountability of the day-to-day IT Security operations with a primary function of maintaining secure access to corporate communication and computing systems. Provide strategic, operational, and tactical security guidance for all IT projects, including the evaluation of the enterprise architecture, hardware, software, and technical controls.Develop and evangelize the IT policies related to cybersecurity and ensure IT and business areas follow established information security policies and procedures. Ensure that CI's information systems maintain compliance with regulatory and privacy requirements. In collaboration with the IT Security Systems Director, develop CI's IT security awareness program for both IT staff and end-users.Identify IT security risks and develop actionable plans to protect the organization, including timely triage of IT security events to limit the potential scope of damage.Develop, maintain, and exercise testing of CI's IT Disaster Recovery Plan, the IT portion of CI's Business Continuity Plan, and the IT Security Incident Response Plan. Assist VP of Global IT in formulation and enforcement of CI's network security policies and procedures.Ensure that user data is stored in compliance with the organization's Data Classification Policy, using available tools to find and report on PCI, HIPAA, PII, and GDPR data that are non-compliant due to the sensitivity and encryption requirements.Oversee security incident response planning as well as performing the investigation of security breaches, eDiscovery, and other forensic investigation requests.Other duties as assigned by the VP of Global IT and the General Counsel Office.WORKING CONDITIONSThis position is based in Arlington, VA, Seattle, WA,Hawaii, or the Americas (remote possible). Please view a full list of our locations in the Americas here.International travel up to 10% may be required to fulfill this position's requirements.Our Arlington, VA office is officially open. Guidance on hybrid or remote work schedules will be discussed during the interview process. For positions based in Hawaii and Seattle, further guidance will be provided in those offices during the interview process.For the health and safety of our employees, their families, and our community, all US-based Conservation International staff are required to be vaccinated against COVID-19. This mandatory vaccine requirement applies to all staff working remotely, in a hybrid work arrangement, and on-site in CI US offices. Effective January 4, 2022, new hires will be required to provide proof of full vaccination with a government-approved vaccine as a condition for employment. Requests for reasonable accommodations or exceptions related to medical or religious reasons will be considered. Candidates are NOT required to state their COVID-19 vaccine status in their application.QUALIFICATIONSRequiredBachelors degree in IT security or related field with 10 or more years of professional experience.Minimum of 5 years of IT Management experience.Experience implementing global, enterprise-wide solutions in very low bandwidth environments, especially in Africa, Asia, Oceania, or Latin and South America.Excellent verbal and written communications skills, i.e. listening and understanding, asking pertinent questions, understanding technical issues, and documenting these discussions with clients.ITIL v3 or v4 Foundation certification.Demonstrated ability in project management - planning, prioritizing, and managing multiple projects.Ability to solve complex problems and deliver results.Experience with vendor teams, contractors, and sourcing.Excellent personal skills in relating with other people, peers, senior and junior.Demonstrated decision-making and consensus-building capacity.High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity.PreferredAdvanced degree.Intermediate ITIL certifications in IT Service Design and IT Service Transition.IT Service Management experience across the entire lifecycle through Continual Service Improvement.Advanced Information Security certification (CISSP, CISA, CISM, etc) and forensic investigation certification.Experience working with an international company or non-profits, including conservation organizations.Experience working with multiple levels within the organization from coordinator to senior management.To apply for this position please submit a resume and cover letter. See all Conservation International Career Opportunities HEREConservation International is an Equal Opportunity Employer Minorities/Women/Vets/Disabled

Keywords: CONSERVATION INTERNATIONAL, Arlington , Senior Director, IT Security and Compliance, Accounting, Auditing , Arlington, Virginia