Cybersecurity Lead

The Center for Victims of Torture ยท St Paul, MN, USA

Data + Analytics
Human Rights & Equality
$90000 - $120000 Per Year
Posted 2 weeks ago

Featured Job

The Center for Victims of Torture is hiring a Cybersecurity Lead will be responsible for all aspects of cybersecurity at CVT. This position will work closely with other members of the IT team, as well as staff from other CVT departments and programs, in the United States, the Middle East, Africa, and around the world to continuously evaluate and improve CVT’s ability to manage cybersecurity risks. 

This Cybersecurity Lead will monitor systems, identify risks, analyze threats, remediate vulnerabilities, and perform incident response. Position will work with stakeholders to develop and maintain cybersecurity controls, policies, procedures, processes, workflows, and guidance which govern the technology tools and systems maintained by the IT department, as well as those maintained by CVT’s departments and programs.

This position will have primary responsibility for promoting a continuously improving culture of cybersecurity awareness throughout CVT’s global workforce, including education, training, and evaluation. 

Remote status: 85%   


The Center for Victims of Torture works toward a future in which torture ceases to exist and its victims have hope for a new life. We are an international nonprofit dedicated to healing survivors of torture. We offer rehabilitation services to those who have been tortured, train partners around the world who can prevent and treat torture, and advocate for human rights and an end to torture. We are headquartered in Minnesota, and we have US offices in Georgia and DC, as well as offices in Africa and the Middle East.



  • Monitor systems, analyze threats, manage risks, and perform incident response.

Use modern systems and techniques to detect, analyze, and respond to vulnerabilities, suspicious patterns, malicious activity, intrusions, accidental data leaks, etc.   Automate notifications for unusual or high-risk activity.  Perform timely remediation of published vulnerabilities.  Coordinate regular vulnerability scanning and penetration testing.


  • Develop and maintain cybersecurity controls, policies, procedures, processes, workflows, and guidance. Collaborate with CVT departments and programs to understand threat models, conduct risk analyses, and help decision makers achieve effective management of risks while allowing business objectives to be met. Provide guidance on maintaining secure workflows with operational partners across a broad range of risk profiles and cybersecurity capacity. Use relevant cybersecurity frameworks to develop practical, well-informed cybersecurity policies, procedures, processes, workflows, and guidance for on-prem, SaaS, PaaS technology systems.  Continuously evaluate cybersecurity of existing technology and new technology proposed and make recommendations for improvement.


  • Design and administer cybersecurity systems. Develop and apply secure configurations.  Install, configure, and maintain cybersecurity systems for managing endpoints, log collection and analysis, network monitoring, email and content filtering, and related activities.  Perform and document hardening of devices and systems.  Automate cybersecurity-related maintenance tasks.


  • Promote a culture of cybersecurity awareness. Communicate digital-hygiene best-practices to staff.  Coordinate staff cybersecurity training and evaluation.  Convene and facilitate a community of individuals who serve as cybersecurity focal points representing a cross-section of the organization.  Create and maintain a cybersecurity strategic plan.  Participate in development of the IT strategic plan.  Partner with other departments and programs throughout CVT to aid in their ability to integrate cybersecurity best-practices into their plans and budgets.  Collaborate with ISACs and other peers to keep current on the state of cybersecurity. 



Required education, experience, certificates, licenses or registrations

  • 6+ years of relevant cybersecurity experience
  • Prior experience in partnering with cross-functional teams to make risk-informed decisions
  • Prior experience with threat modeling, security design reviews, and risk analyses
  • Prior experience with a broad range of cybersecurity work including, endpoint security, Intrusion Detection Systems (IDS), identity management, vulnerability management, incident response, and threat intelligence
  • Experience analyzing and responding to cybersecurity events such as conducting log analysis, developing queries and analytics, and correlating diverse data sets
  • Experience in developing and implementing security tools and managing infrastructure.
  • Experience in developing and applying secure configurations of multiple platforms and environments including Azure
  • Experience auditing, designing and developing secure IT systems

Preferred education, experience, certificates, licenses or registrations

  • Working experience in a global company
  • Experience working with international nonprofits
  • Prior experience working with or at organizations that face serious security threats is strongly preferred
  • Experience working in environments with strict regulatory compliance obligations
  • CISA, CISSP, or CISM certifications

Competencies (knowledge, skills and abilities)

  • Excellent knowledge of the cybersecurity risks and mitigation techniques of both on premise and cloud-based IT systems and infrastructure
  • Proficiency in several cybersecurity technologies including data loss prevention, encryption, identity and access management, multi-factor authentication, zero-trust architecture, endpoint protection, SIEM and perimeter defenses
  • Strong knowledge of cloud-based platforms and services such as Azure, AWS, Google Cloud, etc.
  • Strong knowledge of common SaaS cybersecurity benchmarks and certifications such as SOC 2, GDPR, HITRUST, NIST, etc.
  • Expertise across common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT, NIST, including 800-53 and Cybersecurity Framework is preferred
  • Ability to manage multiple projects with team members from various business units/functions and countries
  • Ability to maintain up-to-date knowledge of cybersecurity threats, tools, and industry trends
  • Ability to develop and maintain professional, collaborative relationships, including the ability to work cross-culturally
  • Ability to design cybersecurity approaches and workflows for CVT’s work with operational partners that is tailored to match each partner’s individual risk profile and capacity limitations.
  • Ability to communicate effectively in writing and verbally along with the ability to write documentation and communicate to non-technical colleagues
  • Commitment to engaging in human rights work, and diversity, equity and inclusion efforts within the organization
  • Excellent skills in organization, attention to detail and time management (including the ability to meet deadlines)
  • Working knowledge of Microsoft Office suite (Outlook, Word and Excel)
  • Ability to travel to locations in the US and potentially internationally 

Work Environment (subject to change):

  • Typical office environment
  • Time spent on the computer is approximately 95%
  • Time spent in virtual meetings is approximately 20%

To Apply:  Submit resume, cover letter and salary expectations to

CVT is committed to hiring and fostering a diverse and inclusive workforce that leverages the skills and talents of all employees in our organization, regardless of race, color, creed, religion, national origin, sex, gender identity, sexual orientation, disability, age, marital status, veteran status, familial status, genetic information, or any other protected status. We encourage candidates with diverse backgrounds such as these to apply for this position.



Related Jobs

Senior Data Engineer - Swiftly
San Francisco, CA or Remote - Posted 2 weeks ago
Senior Data Scientist - Span
San Francisco, CA - Posted 1 day ago
Senior Data Analyst - Energy Solutions
Oakland, CA/Orange, CA/Remote - Posted 6 hours ago
View more open tech jobs in St Paul, MN, USA
Be the first to see new Cybersecurity Lead jobs

Save this search to get an email when new jobs match this search.

Create Email Alert