Managing Director, Information Security (New York, NY)
The Managing Director of Information Security will help define the cyber security program of Teach For America. This person will help shape our cyber strategy but will also require a hands-on approach. The person that will best fit this position will combine their strong background in the Information Security space and will be well versed in best practice and governance, in addition to having responsibility for a broad range of tasks, including the day-to-day monitoring of information security tools and devices, as well as support for security information and event management (SIEM), and may include responsibilities for the security administration of a variety of IT systems across the enterprise.
The Information Technology Team is passionate about technology and collaboration. We partner with every other team in the organization to create technology solutions that allow us to work more effectively and efficiently on the way to ensuring one day all children have access to excellent educational opportunities. To do so, we work with some of the biggest names in technology, and leverage the latest software, equipment, and expertise.
Our team loves to collaborate, working with many other teams in the organization to create world-class technology solutions that staff and corps members use to more effectively and efficiently get all kids access to educational opportunity. We work very hard, but we also have a lot of fun. We enjoy game nights, ice cream socials, and themed potlucks where we get together to explore each other's cultures and favorite recipes.
Strategic Support (25%)
- Work to develop a security program and security projects that address identified risks and business security requirements.
- Manage the process of gathering, analyzing and assessing the current and future threat landscape, as well as providing management with a realistic overview of risks and threats in the enterprise environment.
- Monitor and report on compliance with security policies, as well as the enforcement of policies within the IT department.
- Propose changes to existing policies and procedures to ensure operating efficiency and regulatory compliance.
- Provide leadership and coaching, including technical and personal development programs for team members.
Security Liaison (25%)
- Assist resource owners and IT staff in understanding and responding to security audit failures reported by auditors.
- Provide security communication, awareness and training for audiences, which may range from senior leaders to field staff.
- Work as a liaison with vendors and the legal and purchasing departments to establish mutually acceptable contracts and service-level agreements.
- Manage production issues and incidents, and participate in problem and change management forums.
- Work with various stakeholders to identify information asset owners to classify data and systems as part of a control framework implementation.
- Serve as an active and consistent participant in the information security governance process.
- Work with IT and business stakeholders to define metrics and reporting strategies that effectively communicate successes and progress of the security program.
- Provide support and guidance for legal and regulatory compliance efforts, including audit support.
Architecture/Engineering Support (25%)
- Consult with IT and security staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software.
- Recommend and coordinate the implementation of technical controls to support and enforce defined security policies.
- Research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software, and analyze its impact on the existing environment; provide technical and managerial expertise for the administration of security tools.
- Work with the enterprise architecture team to ensure that there is a convergence of business, technical and security requirements; liaise with IT management to align existing technical installed base and skills with future architectural requirements.
- Develop a strong working relationship with the IT team to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements.
Operational Support (25%)
- Coordinate, measure and report on the technical aspects of security management.
- Manage outsourced vendors that provide information security functions for compliance with contracted service-level agreements.
- Manage and coordinate operational components of incident management, including detection, response and reporting.
- Maintain a knowledgebase comprising a technical reference library, security advisories and alerts, information on security trends and practices, and laws and regulations.
- Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk.
- Manage security projects and provide expert guidance on security matters for other IT projects.
- Assist and guide the disaster recovery planning team in the selection of recovery strategies and the development, testing and maintenance of disaster recovery plans.
- Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements.
- Design, coordinate and oversee security testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks.
- Respond to and, where appropriate, resolve or escalate reported security incidents.
- Monitor system logs, SIEM tools and network traffic for unusual or suspicious activity. Interpret such activity and make recommendations for resolution.
- Investigate and resolve security violations by providing postmortem analysis to illuminate the issues and possible solutions.
- Assist as needed with the monitoring of internal control systems to ensure that appropriate information access levels and security clearances are maintained.
- Minimum of seven years of IT Information Security experience
- Experience working with legal, audit and compliance staff.
- Experience developing and maintaining policies, procedures, standards and guidelines.
- Experience with common information security management frameworks, such as International Standards Organization (ISO) 2700x, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) frameworks.
- Experience in application technology security testing (white box, black box and code review).
- Experience in system technology security testing (vulnerability scanning and penetration testing).
- Strong leadership skills and the ability to work effectively with business managers, IT engineering and IT operations staff.
- The ability to interact with TFA personnel, build strong relationships at all levels and across all business units and organizations, and understand business imperatives.
- A strong understanding of the business impact of security tools, technologies and policies.
- Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organization, project and application development teams, management and business personnel; in-depth knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls; an excellent understanding of information security concepts, protocols, industry best practices and strategies.
- Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies.
- Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans.
- Strong analytical skills to analyze security requirements and relate them to appropriate security controls.
- An understanding of operating system internals and network protocols.
- Familiarity with the principles of cryptography and cryptanalysis.
- Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management.
- Technical proficiency with security-related systems and applications
- This position is located on site in our New York national office.
- Bachelor's degree in information systems, or equivalent work experience
- CISSP or CISM certifications a plus
To be considered for this role, you must submit an online application. Please scroll down to the bottom of this page to find the link to the online application.
About the Organization
There are more than 16 million children growing up in poverty in the U.S., and less than 10 percent of them will graduate from college. These statistics are not a reflection of our children's potential; we know that children growing up in poverty can and do achieve at the highest levels. Rather, these statistics reflect the systemic lack of access and opportunity for children in low-income communities.
Teach For America (TFA) finds, develops, and supports an ever-expanding network of outstanding and diverse leaders committed to expanding opportunity for children in schools, school systems, and in every sector and field that shapes the context in which schools operate. Representing the diversity of America and sharing the experience of having taught successfully in our most challenging public schools, TFA corps members and alumni form a network of change agents inside and outside of education who are grounded in the tremendous potential of our most underserved children and connected to families and communities impacted by educational inequity.
Founded by Wendy Kopp in 1989, Teach For America has since expanded to 36 states and 53 regions, reaching more than 10 million students. Now 53,000 strong and growing each year, the TFA community is leading across all sectors, including as teachers, school and school system leaders, elected officials, policy and advocacy organizers, social entrepreneurs, and business and civic leaders. We support the individual and collective leadership of this network as they work hand-in-hand with students, families, and allies in the effort to realize educational equity and excellence for children across the nation.
Our Core Values:
Our core values define who we are at our best and guide our work together.
- Pursue Equity: We work to change practices, structures, and policies to realize educational equity for all children. As we do so, we actively examine our roles in perpetuating inequitable systems.
- Strengthen Community: We assume responsibility for our collective strength by developing relationships, building diverse and inclusive coalitions, and challenging one another to be our best. We act with empathy and extend grace to ourselves and others.
- Achieve Impact: We pursue ambitious, meaningful outcomes that lead to access and opportunity for all children. We hold ourselves to high standards, make data-informed decisions, and orient to long-term success.
- Choose Courage: We act on our beliefs and values, especially when it's hard. We center our efforts on the aspirations of our students and their families.
- Act with Humility: We acknowledge the limitations of our perspectives. We seek different points of view and historical context to evolve our thinking and actions.
- Demonstrate Resilience: We see every challenge as an opportunity to think expansively about solutions. When faced with obstacles, we deepen our resolve, adapt, and persist with optimism.
- Learn Continuously: We operate with curiosity and embrace new ideas to innovate and constantly improve. We take informed risks and learn from successes, setbacks, and each other.
Diversity, Equity and Inclusiveness at the Center of Our Mission
At Teach For America, we aspire to embody the commitment to diversity, equity, and inclusiveness we envision for our nation. Unequal access to opportunity along lines of race, class, and other aspects of identity has deep roots in American history, and institutional racism and classism contribute to inequitable access to educational opportunity in our country today. Therefore, understanding race, class, and the intersectional nature of oppression along these and other lines is critical to eliminating educational inequity and creating an education system in which all students can flourish.
Realizing educational equity and excellence will take a broad and diverse coalition of people—of diverse races, ethnicities, socioeconomic statuses, genders, sexual orientations, abilities, political views, and other aspects of identity and spheres of influence—united around a common purpose and shared values. We know that the change effort must be shaped by those of us who are most directly impacted by educational inequity. We also know that progress is only possible if each of us works effectively across lines of difference—with students, parents, partners, and each other—and if each of us understands and leverages the assets we bring to this work based on our identities and life experiences.
This understanding guides our strategy as we pursue our mission, and impacts how we allocate resources to recruit, select, train, support, retain, and engage corps members, alumni, and staff. In all we do, we act on the following beliefs.
→ Diversity is crucial for successful change efforts and is one of Teach For America's greatest strengths.
→ The full potential of our diverse network will be reached only when we are an inclusive community.
→ The predictability of success or failure for our students or individuals in our organization should not correlate with any social, cultural or other identity-based factors.
In striving to grow as individuals who lead with a commitment to diversity, equity and inclusiveness, we focus on:
- Understanding of self and self in relation to others. We examine our worldview and experiences to understand how they're influenced by power, privilege, oppression, and biases. As we deepen our understanding of self in relation to others, we seek out diverse perspectives and experiences to challenge our assumptions and expand our perspectives.
- Understanding and interrupting systemic racism, classism, and other forms of oppression. We understand that our society and education system have been shaped by multiple forms of oppression, in particular racism and classism. We understand the role and impact of unconscious bias in establishing low expectations for children's capabilities, and we also see this play out in the workplace. Therefore, we commit to work together `to envision and implement new ways of operating that disrupt these systems and practices.
- Working toward equity. We leverage this understanding to surface and interrupt inequitable practices in our schools as well as within our organization. In classrooms, we are committed to ensuring all students have the necessary resources, supports, and academic preparation they need to ensure full agency in their lives. In our organization, we're committed to allocating our resources and setting organizational policies, systems, and practices to reduce and eliminate gaps in experience and outcomes by demographic group.
- Building inclusive coalitions. We recruit and retain a corps and staff that reflects the inclusive coalition we need representing our nation. Simultaneously, we ensure those of us who have faced educational inequity shape our direction. We intentionally build authentic relationships across lines of difference; facilitate honest and productive conflict among diverse groups; create structures, policies, and processes that enable this effort; and value the diversity of ideas and perspectives required in this effort.
Benefits and Salary
Salary for this position is competitive and depends on prior experience. In addition, a comprehensive benefits package is included. Learn more at www.teachforamerica.org/about-us/careers/employee-benefits.
Commitment to Diversity and Equal Opportunity Employment Policy
Teach For America encourages individuals of all ethnic, racial, and socioeconomic backgrounds to apply for this position. We are committed to maximizing the diversity of our organization, as we want to engage all those who can contribute to this effort. Learn more about our diversity on staff: www.teachforamerica.org/about-us/careers/life-at-tfa/workforce-diversity-and-inclusiveness.
Teach For America is committed to providing equal employment opportunities to all qualified individuals and does not discriminate on the basis of race, color, ethnicity, religion, sex, gender, gender identity and expression, sexual orientation, national origin, disability, age, marital status, veteran status, pregnancy, parental status, genetic information or characteristics (or those of a family member) or any other basis prohibited by applicable law.
This job description reflects Teach For America's assignment of essential functions and qualifications of the role. Nothing in this herein restricts management's right to assign, reassign or eliminate duties and responsibilities to this role at any time.
Meet Some of Teach For America's Employees
Manager, Teacher Leadership Development
Aimée supports new corps members, helping TFA’s first and second year teachers navigate the classroom and successfully educate students.
Back to top