Deputy Director, Information Security Operations Centre

Requisition ID: req24792

Job Description

The IRC has defined a new strategic mission & vision, along with initiatives and key processes to meet strategic objectives. The IT department provides reliable and scalable application development and infrastructure for the IRC’s offices around the world, including technologically complicated locations. IRC’s ITHQ department includes 70 professionals primarily in the US & Nairobi and over 150 IT professionals in 40 countries supporting 13,000 staff globally.

Job Overview/Summary

The Deputy Director is a Global Information Security (GIS) leader accountable for running and improving IT security operations. Strengthens information security posture by defining and implementing a complex, global multi-stream initiative to update and improve security practices, tools, and processes via the Security Enhancement Program (SEP). In leading SEP design and implementation, the strategy must be inclusive and examine processes and toolsets across enterprise systems and architecture to provide a detailed future state roadmap with investment options. The ideal candidate is a leader, hands-on authority in multiple technologies, problem solver, and people motivator. The SEP will be supported by several Field and HQ technologists, Leadership, a dedicated senior IT project coordinator, and MSSP. The team will collaborate closely with Enterprise ERP and core IT functions: infrastructure (network, servers, databases, cloud) and applications. This role builds out and runs the Security Operations Center (SOC), including hands-on day-to-day operations.

Major Responsibilities

As the IRC enterprise IT Security Leader, this role is accountable for the hands-on operation of the SOC and leading, improving, managing, and providing IT security oversight for IRC systems. This role will directly manage and oversee all GIS security systems such as Azure, ProofPoint, etc. and develop IT standards that facilitate oversight of enterprise BU critical systems: WorkDay, Box, etc. Each system lead sysadmin (Primary Custodian) maintains responsibility for system security and data privacy and is a GIS Distributed Security Organization (DSO) member.

Security Operations and Incident Response

Develops and evolves SOC capabilities for better threat identification and response automation.
Daily monitoring and management of security control systems, including SIEM/Sentinel; coordinates with other sysadmins on incidents and other service requests including: content search, lost assets, vendor risk assessment, technical advisory; logs appropriate incidents and service requests and resolves according to priority.
Serves as primary custodian for the security of Azure, M365, SIEM – Sentinel, Proofpoint, PAM, Qualys and other systems/tools. Leads and guides the DSO.
Leads incident response, including vendor security issues and manages incidents with up-to-date playbooks. Orchestrates IR activities (i.e. IoC detection, Legal, platform security, communications, threat hunting, etc.).
Leads development of an IT Business Continuity and Disaster Recovery plan. Monitors patching, threat intelligence, pertinent events; disseminates as needed. Supports IT Audit.

Systems Engineering, Architecture and Standards

Collaborates with team members to develop and maintain the IT security roadmap
Provides mentorship and technical standards for secure systems architecture, design and operations. Standards include feedback KRIs.
Leverages the DSO to author and update global standards and ensures alignment with Field IT.
Manages standards exceptions and maintains the risk register
Leads hands-on assessment of critical systems and advises Primary Custodians with tools such as Security Compass, secure score, Azure Security Config, Qualys to assess their environments.

Acts as technical focal point for BUs and handles security vendors.
Builds reports, dashboards, metrics and presents to Sr. Mgmt.

Project Management

Leads project planning and budgets; escalates as necessary
Completes projects in a timely manner and quickly develops and maintains relationships across the organization.

Job Requirements

Education: Bachelor’s degree in an information systems-related field required. Master’s preferred.
Work Experience: 5-7 years in IT system design, implementation and operations in a global organization; 1-3 years with IT security systems

Demonstrated Skills and Competencies:

Validated expertise engineering and implementing enterprise-class technologies such as firewalls, proxy servers, messaging security (i.e. S/MIME, TLS, DMARC/SPF/DKIM, etc.), M365 / Google Workspace, Encryption, Box, VPN, DLP, endpoint management and security; WIFI/Bluetooth, IAM and biometrics, SSO/SAML, message filtering, UEM Azure, Azure AD, ServiceNow, mobile, cloud security, etc. Dynamics 365 and Fastpath are a significant plus.
Demonstrated experience in supervising, mentoring and building capacity of staff
Proven capacity to be a self-starter and work remotely with limited reliance on supervision
Solid project management capabilities for engineering and deployment of IT security products and strong organisational change skills needed to drive organizational improvements.
Good interpersonal skills required to help identify key relationships and to maintain them.
Strong oral and written communications skills sufficient for senior-level presentation and technical policy and standards development.
Language Skills: English required; French and Arabic a plus

Certificates or Licenses: CISSP, CISSP/ITIL, CISM or others, which support adequate aptitude to design, deploy and operate IT security solutions; CISSP strongly preferred.

Working Environment: Standard office work environment; work location may be another IRC office.

Travel: up to 15%; two trips annually to NYHQ.



About International Rescue Committee

The International Rescue Committee is a global humanitarian aid, relief and development nongovernmental organization.