Responsibilities:

• Design, manage, and supervise all aspects of the Information Security program including work plan development and implementation, priority and objective development, monitoring and evaluation, budget monitoring and management, reporting, and collaboration with donors and other partners;
• Implement and maintain an information security risk management program, and work closely with the Director of Physical Security to implement cohesive security risk management frameworks within Departments across HRW;
• Advise on technical security concepts pertaining to network security, email security, remote data and third party security;
• Develop and manage global information security policies, standards, guidelines and procedures to assess, balance, and minimize risk and ensure the confidentiality, integrity, and availability of systems and data.
• Lead information security planning processes and implementation to establish and/or enhance an inclusive and comprehensive information security program in support of all information systems and technologies;
• Education and Experience: A level of education that when combined with your professional experience will adequately show you have the capability to lead information security at HRW.
• We anticipate that successful candidates will have around 10 years of experience in the Information Security field, and around 5 years of management experience, but are eager to hear from candidates who feel confident that they can perform well in this role even if they do not have this level of experience, and particularly if they are from backgrounds underrepresented in the field. Candidates who have relevant academic degrees or security certifications are encouraged to apply, but this is a plus – not a requirement.

Related Skills and Knowledge: 

• 3-5 years experience in managing a team.
• Extensive knowledge of information security and risk management, ideally in the context of an international organization or in journalism with practical experience in high risk and complex operating environments.
• Security management experience and/or prior director level role in a related field is required.
• Working knowledge of the risks associated with human rights and/or civil society activism and/or journalism globally is required