The International Rescue Committee (IRC) responds to the worldโs worst humanitarian crises, helping to restore health, safety, education, economic wellbeing, and power to people devastated by conflict and disaster. Founded in 1933 at the call of Albert Einstein, the IRC is one of the world's largest international humanitarian non-governmental organizations (INGO), at work in more than 50 countries and more than 25 U.S. cities helping people to survive, reclaim control of their future and strengthen their communities. A force for humanity, IRC employees deliver lasting impact by restoring safety, dignity and hope to millions. If you're a solutions-driven, passionate change-maker, come join us in positively impacting the lives of millions of people world-wide for a better future.
The IRC has defined a new strategic mission & vision, along with initiatives and key processes to meet strategic objectives. The IT department provides reliable and scalable application development and infrastructure for the IRCโs offices around the world, including technologically complicated locations. IRCโs ITHQ department includes 150 professionals primarily in the US & Nairobi and over 40 counties supporting 20, 000 staff globally.
Job Overview/Summary:
We are seeking a highly skilled Information Security Manager to join our SecOps team. This role is purely operational and involves monitoring security information and event management (SIEM) systems, investigating security events, running vulnerability scans, and supporting the service desk. The ideal candidate will have experience with Microsoft Sentinel, ServiceNow ticketing, Qualys, and ZeroFox.
Major Responsibilities:
โข Continuously monitor the SIEM to identify and analyze potential security incidents and threats.
โข Investigate security events escalated from the service desk or managed security service providers (MSSP), determining the root cause and implementing corrective actions.
โข Run regular vulnerability scans using tools such as Qualys, and work with relevant teams to remediate identified vulnerabilities.
โข Train the service desk on SecOps processes and procedures to ensure effective initial triage of security events.
โข Compile and report on operational metrics to provide insights into the security posture and the effectiveness of security controls.
โข Leverage Microsoft Sentinel for advanced threat detection and response, utilize ServiceNow for efficient ticket management, and employ ZeroFox for social media threat monitoring and protection.
โข Lead a team of highly capable Security engineering staff who maintain security for system environments.ยญยญ
โข Ability to mentor and have the capability influencing the group.
โข Create and drive proactive monitoring and reporting for endpoint and system health including, patching, compliance, and other performance metrics.
โข Manage vulnerability remediation and incident handling across global resources
โข Implement new security technologies as required to support a dynamic/challenging business environment
โข Identify operational opportunities to implement security orchestration and automation capabilities
โข Support InfoSec-managed tools and enforcement of global security controls
โข Effectively provide general information security guidance & technology support to the business
โข Manage on call schedule and incident escalations
โข Maintain the day to day operations of configuration management platforms including application deployment and settings distribution
โข Work as the escalation point between various teams for Security related activities.
โข Drive client and system security model and best practices
โข Drive business decisions through data using tools like Splunk
โข Integrate with other internal systems and tools
โข Manage transition plans for major upgrades or patches
โข Diagnose and investigate unique and complex systemic problems
โข Work proficiently with minimal daily guidance and bring mature seasoned skills when working
โข Evaluate and communicate security risk to a wide and varying audience
Key Working Relationships:
Position Reports to: Director, Security Operations and Enigeering Team
Position directly supervises: One or more analysts
Indirect Reporting: CISO, Senior Director Technology, Operations & Information Security
Other Internal and/or external contacts:
**Internal:**IT leadership and staff across regions, HQ and Nairobi iHub, global Safety and Security Team, line personnel across all regions, emphasis on International Programs.
**External:**Participates in sector discussions of IT security-related issues.
Job Requirements:
**Education:**Bachelorโs degree in an information systems-related field required.
**Work Experience:**3-6 years in IT system design, implementation and operations in a global organization; 1-3 years with IT security systems
Demonstrated Skills and Competencies:
โข Significant knowledge in planning, directing, and managing Computer Incident Response Team (CIRT) and/or Security Operations Center (SOC) operations for a large global enterprise
โข Ability to manage stressful situations, handle incidents, have a close working knowledge of security issues and appropriate countermeasures, and contributing to a 24x7x365 support environments.
โข Ability to maintain situational awareness of escalated events and alerts, tools status, vulnerability status, forensics and malware investigations, intelligence status, and all other SOC functions
โข Validated working experience with enterprise class cloud technologies based on the M365 E5 stack as well as firewalls, messaging security (i.e. S/MIME, TLS, DMARC/SPF/DKIM, etc.) encryption, MS Defender (all platforms) Azure Entra, ServiceNow, etc.
โข Proven capacity to be a self-starter and work remotely with limited reliance on supervision
โข Good interpersonal skills required to help identify key relationships and to maintain them.
โข Strong oral and written communications skills
โข Familiar with security controls or concepts related to various security community groups or standards: CISSP Domains, NIST cybersecurity & privacy frameworks, CIS benchmarks, OSI model
โข Proven experience within Incident Response situations and demonstrated ability to handle and maintain confidential information in a professional manner
โข Must possess strong written and verbal communication skills, and be capable of understanding, documenting, communicating, and presenting technical issues in a non-technical manner to audiences with varying degrees of technical expertise
โข Be a team player and enjoy collaborating on cross-functional teams
โข Familiar with compliance and privacy regulations such as PCI, GDPR, CCPA, SOX, and other regulations/standards
โข Leadership skills and the ability to mentor or provide guidance to teams
Language Skills: English required; French and Arabic a plus
Certificates or Licenses:
CISSP, CCSP, or other relevant industry security-focused certifications preferred
**Working Environment:**Hybrid, including remote and standard office work environment.
**Travel:**up to 5%; two trips annually to NYHQ.
**Standard of Professional Conduct:**The IRC and the IRC workers must adhere to the values and principles outlined in the IRC Way โ our Code of Conduct. These are Integrity, Service, Accountability, and Equality.
Commitment to Gender, Equality, Diversity, and Inclusion: The IRC is committed to creating a diverse, inclusive, respectful, and safe work environment where all persons are treated fairly, with dignity and respect. The IRC expressly prohibits and will not tolerate discrimination, harassment, retaliation, or bullying of the IRC persons in any work setting. We aim to increase the representation of women, people that are from country and communities we serve, and people who identify as races and ethnicities that are under-represented in global power structures.