Director, Information Security

FULL-TIME JOB VACANCY

Director, Information Security

Information Security Division

Multiple Locations Considered

Application Deadline: February 27, 2025

Human Rights Watch (“HRW”) is seeking a highly skilled and forward-thinking Director of Information Security to lead our efforts in ensuring robust digital security practices across our globally dispersed organization. This critical role involves safeguarding HRW’s ability to investigate abuses, expose facts, and advocate for human rights by maintaining a secure digital environment in over 45 countries. The Director of Information Security will be at the forefront of responding to evolving threats from governments, non-state actors, and other adversaries while fostering a culture of security awareness and resilience within the organization.

Reporting to the Chief Information Officer (CIO), the Director of Information Security will work closely with the Director of IT Operations and the Director of Enterprise Applications to ensure cohesive strategies across HRW’s technical ecosystem. The Director will manage a dedicated team of three, closely collaborate with the Director of Physical Security, and engage with internal and external security advisors to provide strategic leadership on digital security. This role involves navigating complex and varied operational environments, advising on security best practices, and supporting HRW’s mission with effective and innovative solutions, including real-time crisis management. The successful candidate will also work with non-technical staff to build trust, solve problems, and ensure digital security is embedded across all organizational functions.

This position may be based in the following locations where HRW has an office: New York, Washington, London, Brussels, Amsterdam, Berlin, Amman, Nairobi, or Johannesburg. This position will be able to work remotely, but will be expected to travel to HRW offices as required.

Responsibilities:

1. Design, manage, and supervise all aspects of the Information Security program including work plan development and implementation, priority and objective development, monitoring and evaluation, budget monitoring and management, reporting, and collaboration with donors and other partners;
2. Implement and maintain an information security risk management program, and work closely with the Director of Physical Security to implement cohesive security risk management frameworks within Departments across HRW;
3. Advise on technical security concepts pertaining to network security, email security, remote data and third party security;
4. Develop and manage global information security policies, standards, guidelines and procedures to assess, balance, and minimize risk and ensure the confidentiality, integrity, and availability of systems and data.
5. Lead information security planning processes and implementation to establish and/or enhance an inclusive and comprehensive information security program in support of all information systems and technologies;
6. Provide operational security and safety advice as required to managers and staff on the preparation and execution of higher-risk projects and activities, including direct digital security support and advice during the travel or other deployment/presence in higher risk contexts or conducting higher risk activities in coordination with the Director of Physical Security;
7. Provide security incident response in coordination with the Director of Physical Security;
8. Work with the Director of Physical Security to advise on operational security measures and measures for all HRW staff;
9. Proactively work with all HRW departments to craft policies and solutions that mesh well with how HRW staff work; Implement practices that will ensure the highest levels of protection of organizational assets;
10. Serve as a resource for staff and partners on technology issues as they pertain to programmatic research especially around HRW’s particularly sensitive work on net freedom issues including surveillance and global internet technology;
11. Proactively identify and analyze attempts at compromise and offer solutions to prevent future compromise;
12. Lead, motivate, and mentor direct-reports, including communicating clear expectations, setting performance objectives, providing regular and timely constructive feedback, ensuring balanced workload, providing guidance on professional growth, and monitoring staff well-being as it pertains to stress and resilience. issues and self-care;
13. In collaboration with the Director of Physical Security, prepare and present reports on security matters to senior leadership, internal stakeholders, and the HRW Board of Directors as required;
14. Establish and maintain information networks and relationships globally with relevant civil society counterparts, security contacts, government, intelligence, and/or law enforcement contacts, as well as corporate and third party resources, to inform both changing strategy requirements, and ensure HRW and its counterparts are responsive to near and far term risks;
15. Stay informed of and recommend leading, innovative solutions for applicable information security applications, as well as keeping up with industry trends and changes;
16. Be an ambassador for HRW and security best practices in the fields of Human Rights and technology and build relationships with people, organizations, and within sectors that may serve to advance the goals above;
17. Perform other duties as necessary.

Qualifications:

Education and Experience: A level of education that when combined with your professional experience will adequately show you have the capability to lead information security at HRW. We anticipate that successful candidates will have around 10 years of experience in the Information Security field, and around 5 years of management experience, but are eager to hear from candidates who feel confident that they can perform well in this role even if they do not have this level of experience, and particularly if they are from backgrounds underrepresented in the field. Candidates who have relevant academic degrees or security certifications are encouraged to apply, but this is a plus - not a requirement.

Related Skills and Knowledge:

1. Extensive knowledge of information security and risk management, ideally in the context of an international organization or in journalism with practical experience in high risk and complex operating environments.
2. Security management experience and/or prior director level role in a related field is required.
3. Working knowledge of the risks associated with human rights and/or civil society activism and/or journalism globally is required
4. Experience securing a Windows Azure Active Directory environment.
5. Strong experience and practice in practical security issues and solutions
6. Strong technical understanding of the digital threats faced by HRDs, and digital security tools and tactics for targeted and vulnerable populations, including encryption, circumvention, and anonymization technologies and secure configuration and use of devices.
7. Excellent oral and written communication skills in English are required, particularly relating technical topics to lay audiences and persons from a variety of cultural and educational backgrounds. Ability to apply strong analytical skills to interpret and translate complex terms, concepts, and issues into language easily comprehensible to non-experts.
8. Creativity with excellent analytical skills, ability to multi-task and strong project management skills are required.
9. A high level of resilience and drive, able to be flexible, adapt to change as required, choose a course of action, developing appropriate solutions and/or reaching conclusions.
10. Ability to cope well under pressure and demonstrate excellent judgment.
11. Demonstrated ability to work with diverse and cross-cultural teams to achieve common objectives; collaborative and team-oriented with an “enabling” mindset.

Other: Willingness to partake in global travel is required.

Salary and Benefits: HRW seeks exceptional applicants and offers competitive compensation and employer-paid benefits including medical, dental, vision, disability and life insurance. HRW offers a relocation assistance package and will assist employees in obtaining necessary work authorization, if required; people of all nationalities are encouraged to apply. The salary range for this position if based in the US is USD 150,000 – 165,000 plus benefits. Salary ranges outside of the US vary based on location, and you will receive specific salary ranges based on your location early during the recruitment process.

How to Apply: Please apply by February 27, 2025 , by visiting our online job portal at careers.hrw.org and attaching a cover letter and resume, preferably in PDF format. No calls or email inquiries, please. Only complete applications will be reviewed, and only shortlisted candidates will be contacted.

If you are experiencing technical difficulties with your application submission or require a disability related accommodation, please email recruitment@hrw.org. Due to the large response, application submissions via email will not be accepted and inquiries regarding the status of applications will go unanswered.

Human Rights Watch is strong because it is diverse. We actively seek a diverse applicant pool and encourage candidates of all backgrounds to apply. Human Rights Watch does not discriminate on the basis of disability, age, gender identity and expression, national origin, race and ethnicity, religious beliefs, sexual orientation, or criminal record. We welcome all kinds of diversity. Our employees include people who are parents and nonparents, the self-taught and university educated, and from a wide span of socio- economic backgrounds and perspectives on the world. Human Rights Watch is an equal opportunity employer.

Human Rights Watch is an international human rights monitoring and advocacy organization known for its in-depth investigations, its incisive and timely reporting, its innovative and high- profile advocacy campaigns, and its success in changing the human rights-related policies and practices of influential governments and international institutions.