Cybersecurity Administrator

Remote

Full Time Senior-level / Expert USD 85K - 100K
The Center for Victims of Torture logo

The Center for Victims of Torture

About CVT: The Center for Victims of Torture works toward a future in which torture ceases to exist and its victims have hope for a new life. We are an international nonprofit dedicated to healing survivors of torture. We offer rehabilitation service
Apply now Apply later

Summary:  

The Cybersecurity Administrator will be responsible for all aspects of cybersecurity at CVT.  This position will be CVT’s first dedicated to cybersecurity, and will report to the Director of IT.  This position will work closely with other members of the IT team, as well as staff from other CVT departments and programs, in the United States, the Middle East, Africa, and around the world to continuously evaluate and improve CVT’s ability to manage cybersecurity risks.  

This Cybersecurity Administrator will monitor systems, identify risks, analyze threats, remediate vulnerabilities, and perform incident response. 

The Cybersecurity Administrator will work with stakeholders to develop and maintain cybersecurity controls, policies, procedures, processes, workflows, and guidance which govern the technology tools and systems maintained by the IT department, as well as those maintained by CVT’s departments and programs.

The Cybersecurity Administrator will establish and administer systems which protect CVT’s technology, and configure the security-related aspects of various technology tools across the organization.

This position will have primary responsibility for promoting a continuously improving culture of cybersecurity awareness throughout CVT’s global workforce, including education, training, and evaluation. 

 

Job Responsibilities:

 

25%

Monitor systems, analyze threats, manage risks, and perform incident response. 

Use modern systems and techniques to detect, analyze, and respond to vulnerabilities, suspicious patterns, malicious activity, intrusions, accidental data leaks, etc.   Automate notifications for unusual or high-risk activity.  Perform timely remediation of published vulnerabilities.  Coordinate regular vulnerability scanning and penetration testing.

25%

Develop and maintain cybersecurity controls, policies, procedures, processes, workflows, and guidance.  Collaborate with CVT departments and programs to understand threat models, conduct risk analyses, and help decision makers achieve effective management of risks while allowing business objectives to be met.  Use relevant cybersecurity  frameworks to develop practical, well-informed cybersecurity policies, procedures, processes, workflows, and guidance for on-prem, SaaS, PaaS technology systems.  Continuously evaluate cybersecurity of existing technology and new technology proposed and make recommendations for improvement.

20%

Design and administer cybersecurity systems.  Develop and apply secure configurations.  Install, configure, and maintain cybersecurity systems for managing endpoints, log collection and analysis, network monitoring, email and content filtering, and related activities.  Perform and document hardening of devices and systems.  Automate cybersecurity-related maintenance tasks.

20%

Promote a culture of cybersecurity awareness.  Communicate digital-hygiene best-practices to staff.  Coordinate staff cybersecurity training and evaluation.  Convene and facilitate a community of individuals who serve as cybersecurity focal points representing a cross-section of the organization.  Create and maintain a cybersecurity strategic plan.  Participate in development of the IT strategic plan.  Partner with other departments and programs throughout CVT to aid in their ability to integrate cybersecurity best-practices into their plans and budgets.  Collaborate with ISACs and other peers to keep current on the state of cybersecurity. 

10%

Other Duties: Participate in other department and organization-wide activities, meetings and trainings. Complete administrative responsibilities. Perform other duties as assigned.

 

Qualifications:

Required education, experience, certificates, licenses or registrations

  • 6-8+ years of relevant cybersecurity experience
  • Prior experience in partnering with cross-functional teams to make risk-informed decisions
  • Prior experience with threat modeling, security design reviews, and risk analyses
  • Prior experience with a broad range of cybersecurity work including, endpoint security, Intrusion Detection Systems (IDS), identity management, vulnerability management, incident response, and threat intelligence
  • Experience analyzing and responding to cybersecurity events such as conducting log analysis, developing queries and analytics, and correlating diverse data sets
  • Experience in developing and implementing security tools and managing infrastructure.
  • Experience in developing and applying secure configurations of multiple platforms and environments including Azure
  • Experience auditing, designing and developing secure IT systems

 

Preferred education, experience, certificates, licenses or registrations

 

  • Working experience in a global company
  • Experience working with international nonprofits
  • Prior experience working with or at organizations that face serious security threats is strongly preferred
  • Experience working in environments with strict regulatory compliance obligations
  • CISA, CISSP, or CISM certifications

Competencies (knowledge, skills and abilities)

  • Excellent knowledge of the cybersecurity risks and mitigation techniques of both on premise and cloud-based IT systems and infrastructure

 

  • Proficiency in several cybersecurity technologies including data loss prevention, encryption, identity and access management, multi-factor authentication, zero-trust architecture, endpoint protection, SIEM and perimeter defenses
  • Strong knowledge of cloud-based platforms and services such as Azure, AWS, Google Cloud, etc
  • Strong knowledge of common SaaS cybersecurity benchmarks and certifications such as SOC 2, GDPR, HITRUST, NIST, etc
  • Expertise across common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT, NIST, including 800-53 and Cybersecurity Framework is preferred
  • Ability to manage multiple projects with team members from various business units/functions and countries
  • Ability to maintain up-to-date knowledge of cybersecurity threats, tools, and industry trends
  • Ability to develop and maintain professional, collaborative relationships, including the ability to work cross-culturally
  • Ability to communicate effectively in writing and verbally along with the ability to write documentation and communicate to non-technical colleagues
  • Commitment to engaging in human rights work, and diversity, equity and inclusion efforts within the organization
  • Excellent skills in organization, attention to detail and time management (including the ability to meet deadlines)
  • Working knowledge of Microsoft Office suite (Outlook, Word and Excel)

 

Supervisory Responsibilities: None

Work Environment:

  • Typical office environment
  • Time spent on the computer is approximately 95%
  • Time spent in virtual meetings is approximately 20%

 

Physical Demands: While performing the duties of this job, the employee is regularly required to talk and hear. This position requires the ability to occasionally lift office products and supplies, of up to 5 pounds.

 

Travel: Some travel is required up to 15%, position is up to 85% remote

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions and physical demands    

Responsibilities described above are not a comprehensive list and additional tasks may be assigned to the employee from time to time as necessitated by organization needs

Job perks/benefits: Team events
Job region(s): Remote/Anywhere North America
Job stats:  821  40  0
  • Share this job via
  • or

Explore more Information Security career opportunities