Deputy Director, Security Operations Centre
The International Rescue Committee (IRC) responds to the world's worst humanitarian crises and helps people to survive and rebuild their lives. Founded in 1933 at the request of Albert Einstein, the IRC offers lifesaving care and life-changing assistance to refugees required to flee from war or disaster. At work today in over 40 countries and 22 U.S. cities, we restore safety, dignity and hope to millions who are uprooted and struggling to endure. The IRC leads the way from harm to home.
The IRC has defined a new strategic mission & vision, along with initiatives and key processes to meet strategic objectives. The IT department provides reliable and scalable application development and infrastructure for the IRC’s offices around the world, including technologically complicated locations. IRC’s ITHQ department includes 70 professionals primarily in the US & Nairobi and over 150 IT professionals in 40 countries supporting 13,000 staff globally.
The Deputy Director is a Global Information Security (GIS) leader accountable for running and improving IT security operations. The role strengthens the information security posture by defining and implementing a complex, global, multi-stream initiative to update and improve security practices, tools, and processes via the Security Enhancement Program (SEP). In leading SEP design and implementation, the strategy must be inclusive and examine processes and toolsets across enterprise systems and architecture to provide a detailed future-state roadmap with investment options. The ideal candidate is a leader, a hands-on authority in multiple technologies, a problem solver, and a people motivator. The SEP will be supported by several Field and HQ technologists, Leadership, a dedicated senior IT project coordinator, and an MSSP. The team will collaborate closely with Enterprise ERP and core IT functions: infrastructure (network, servers, databases, cloud) and applications. This role builds out and runs the Security Operations Center (SOC), including hands-on day-to-day operations.
As the IRC enterprise IT Security Leader, this role is accountable for the hands-on operation of the SOC and for leading, improving, managing, and providing IT security oversight for IRC systems. This role will directly manage and oversee all GIS security systems such as Azure, ProofPoint, etc. and develop IT standards that facilitate oversight of enterprise BU critical systems: WorkDay, Box, etc. Each system's lead sysadmin (Primary Custodian) maintains responsibility for system security and data privacy and is a GIS Distributed Security Organization (DSO) member.
Security Operations and Incident Response
• Develops and evolves SOC capabilities for better threat identification and response automation.
• Monitors and manages security control systems daily, including SIEM/Sentinel, and coordinates with other sysadmins on incidents and other service requests including: content search, lost assets, vendor risk assessment, technical advisory; logs appropriate incidents and service requests and resolves according to priority.
• Serves as primary custodian for the security of Azure, M365, SIEM – Sentinel, Proofpoint, PAM, Qualys and other systems/tools. Leads and guides the DSO.
• Leads incident response, including vendor security issues, and manages incidents with up-to-date playbooks. Orchestrates IR activities (i.e. IoC detection, Legal, platform security, communications, threat hunting, etc.).
• Leads development of an IT Business Continuity and Disaster Recovery plan. Monitors patching, threat intelligence, pertinent events; disseminates as needed. Supports IT Audit.
Systems Engineering, Architecture and Standards
• Collaborates with team members to develop and maintain the IT security roadmap
• Provides mentorship and technical standards for secure systems architecture, design and operations. Standards include feedback KRIs.
• Leverages the DSO to author and update global standards and ensures alignment with Field IT.
• Manages standards exceptions and maintains the risk register
• Leads hands-on assessment of critical systems and advises Primary Custodians with tools such as Security Compass, secure score, Azure Security Config, Qualys to assess their environments.
• Acts as technical focal point for BUs and handles security vendors.
• Builds reports, dashboards, metrics and presents to Sr. Mgmt.
• Leads project planning and budgets; escalates as necessary.
• Completes projects in a timely manner and quickly develops and maintains relationships across the organization.
Key Working Relationships:
Position Reports to: CISO
Position directly supervises: NA
Indirect Reporting: Regional and country program leadership, IT leadership, IRC privacy office
Other Internal and/or external contacts:
Internal: IT staff across regions, HQ and Nairobi iHub, global Safety and Security Team, line personnel across all regions, emphasis on International Programs.
External: Industry/sector peers and vendors. Law enforcement if needed for incident response. Participates in sector discussions of IT security-related issues.
Education: Bachelor’s degree in an information systems-related field required. Master’s preferred.
Work Experience: 5-7 years in IT system design, implementation and operations in a global organization; 1-3 years with IT security systems
Demonstrated Skills and Competencies:
• Validated expertise in engineering and implementing enterprise-class technologies such as firewalls, proxy servers, messaging security (i.e. S/MIME, TLS, DMARC/SPF/DKIM, etc.), M365 / Google Workspace, encryption, Box, VPN, DLP, endpoint management and security, Wi-Fi/Bluetooth, IAM and biometrics, SSO/SAML, message filtering, UEM, Azure, Azure AD, ServiceNow, mobile, cloud security, etc. Dynamics 365 and Fastpath is a significant plus.
• Demonstrated experience in supervising, mentoring and building capacity of staff
• Proven capacity to be a self-starter and work remotely with limited reliance on supervision
• Solid project management capabilities for engineering and deployment of IT security products and strong organisational change skills needed to drive organizational improvements.
• Good interpersonal skills required to help identify key relationships and to maintain them.
• Strong oral and written communications skills sufficient for senior-level presentation and technical policy and standards development.
Language Skills: English required; French and Arabic a plus
Certificates or Licenses: CISSP, CISSP/ITIL, CISM or others, which support adequate aptitude to design, deploy and operate IT security solutions; CISSP strongly preferred.
Working Environment: Standard office work environment; work location may be another IRC office.
Travel: up to 15%; two trips annually to NYHQ.
Standards of Professional Conduct: The IRC and IRC workers must adhere to the values and principles outlined in the IRC Way – Code of Conduct. These are Integrity, Service, Equality and Accountability. In accordance with these values, the IRC operates and enforces policies on Beneficiary Protection from Exploitation and Abuse, Child Safeguarding, Harassment-Free Workplace, Diversity Equality and Inclusion (DEI), Fiscal Integrity, Anti-Retaliation, Combating Trafficking in Persons and several others.
Narrowing the Gender Gap: The International Rescue Committee is committed to narrowing the gender gap in leadership positions. We offer benefits that provide an enabling environment for women to participate in our workforce, including flexible hours (when possible), maternity leave, transportation support, and gender-sensitive security protocols.
Equal Opportunity Employer: IRC is an Equal Opportunity Employer. IRC considers all applicants on the basis of merit without regard to race, sex, color, national origin, religion, sexual orientation, age, marital status, veteran status, disability, or any other characteristic protected by applicable laws.