Deputy Director, Security Operations Centre at International Rescue Committee

Major Responsibilities:
 
As the IRC enterprise IT Security Leader, this role is accountable for the hands-on operation of the SOC and leading, improving, managing, and providing IT security oversight for IRC systems. This role will directly manage and oversee all GIS security systems such as Azure, ProofPoint, etc. and develop IT standards that facilitate oversight of enterprise BU critical systems: WorkDay, Box, etc. Each system lead sysadmin (Primary Custodian) maintains responsibility for system security and data privacy and is GIS Distributed Security Organization (DSO) member.

Security Operations and Incident Response

• Develop and evolves SOC capabilities for better threat identification, and response automation
• Daily monitoring and management of security control systems, including SIEM/Sentinel and coordinates with other sysadmins on incidents and other service requests including: content search, lost assets, vendor risk assessment, technical advisory; logs appropriate incidents and service requests and resolves according to priority.
• Serves as primary custodian for the security of Azure, M365, IEM – Sentinel, Proofpoint, PAM, Qualys and other systems/tools. Leads and guides the DSO.
• Leads incident response, including vendor security issues and manages incidents with up-to-date playbooks. Orchestrates IR activities (i.e. IoC detection, Legal, platform security, communications, threat hunting, etc.).
• Leads development of an IT Business Continuity and Disaster Recovery plan. Monitors patching, threat intelligence, pertinent events; disseminate as needed. Supports IT Audit.

Systems Engineering, Architecture and Standards

• Collaborates with team members to develop and maintain the IT security roadmap
• Provides mentorship and technical standards for secure systems architecture, design and operations. Standards include feedback KRIs.
• Leverages the DSO to author and update global standards and ensures alignment with Field IT.
• Manages standards exceptions and maintains the risk register
• Leads hands-on assessment of critical systems and advises Primary Custodians with tools such as Security Compass, secure score, Azure Security Config, Qualys to assess their environments.
• Acts as technical focal point for BUs and handles security vendors.
• Builds reports, dashboards, metrics and presents to Sr. Mgmt.

Project Management

• Leads project planning and budgets; escalates as necessary
• Completes projects in a timley manner and quickly develops and maintains relationships the organization.

Key Working Relationships:

• Position Reports to:  CISO
• Position directly supervises: NA
• Indirect Reporting: Regional and country program leadership, IT leadership, IRC privacy office

Job Requirements:

• Education: Bachelor’s degree in an information systems-related field required. Master’s preferred.
• Work Experience: 5-7 years in IT system design, implementation and operations in a global organization; 1-3 years with  IT security systems

Demonstrated Skills and Competencies:

• Validated expertise engineering and implementation enterprise class technologies such as firewalls, proxy servers, messaging security (i.e. S/MIME, TLS, DMARC/SPF/DKIM, etc.) M365 / Google Workspace, Encryption, Box, VPN, DLP, endpoint management and security; WIFI/Bluetooth, IAM and biometrics, SSO/SAML, message filtering, UEM Azure, Azure AD, ServiceNow, mobile, cloud security, etc. Dynamics 365 and Fastpath is a significant plus.
• Demonstrated experience in supervising, mentoring and building capacity of staff
• Proven capacity to be a self-starter and work remotely with limited reliance on supervision
• Solid project management capabilities for engineering and deployment of IT security products and strong organisational change skills needed to drive organizational improvements.
• Good interpersonal skills required to help identify key relationships and to maintain them.
• Strong oral and written communications skills sufficient for senior-level presentation and technical policy and standards development;
• Language Skills:  English required; French and Arabic a plus
• Certificates or Licenses: CISSP, CISSP/ITIL, CISM or others, which support adequate aptitude to design, deploy and operate IT
• security solutions; CISSP strongly preferred.