Chief Information Security Officer

Location: Remote USA; (DC Area Preferred)

Job Type: Full-Time

 

About NGO-ISAC

​The NGO-Information Sharing and Analysis Center (ISAC) is a startup NGO dedicated to strengthening the cybersecurity posture of non-governmental organizations across the United States. We provide a collaborative security community where members share:
 

• Actionable threat intelligence

• Industry best practices

• Cost-effective security solutions

• Collective defense strategies

Our mission is to create a secure digital environment enabling NGOs to focus on their vital mission-driven work without cyber disruption.

​​

The Role

We're seeking an experienced Chief Information Security Officer to lead our cybersecurity initiatives and community programming. This leader will develop and implement comprehensive information security strategies to protect NGOs within our network, while fostering collaboration among member organizations, security partners, and external stakeholders.

This position is responsible for:

Strategic Leadership & Public Advocacy: Champion a unified cybersecurity vision across our diverse member community while serving as the authoritative voice representing our security posture to stakeholders, partners, and industry forums.

Member-Focused Risk Management: Coordinate threat intelligence sharing and response actions between member organizations, providing executive-level guidance and coaching during incidents. Communicate security priorities to members and their leadership teams across the community.

Collaborative Security Ambassador: Build strong partnerships with member organizations to foster security awareness, represent our collective security interests in high-level discussions, and develop inter-organizational trust that strengthens our entire security ecosystem.

The role includes oversight of NGO-ISAC's internal security operations and managing relationships with external security entities, other ISACs, and law enforcement agencies.

 

Key Responsibilities
Strategic Leadership & Public Advocacy:

• Design and execute a comprehensive information security program tailored to the unique needs of NGOs as the #2 leader in the organization

• Establish a robust risk management framework to identify, evaluate, and mitigate cyber risks across the member community

• Cultivate strategic partnerships with member organizations, government agencies, and industry stakeholders

• Provide leadership to the programs team with clear objectives and performance expectations

• Demonstrate a bias towards action, working independently to lead initiatives with minimal supervision
   

Member-Focused Risk Management:

• Spearhead threat intelligence sharing, incident response coordination, and collaborative defense mechanisms

• Lead initiatives to strengthen cyber defenses for members, especially vulnerable NGOs facing elevated threat levels attacks by nation states, advanced persistent threats, and governments

• Develop and enforce information security policies ensuring compliance with relevant regulations and standards

• Deliver tools and products for member organizations through adoption and configuration of low cost/no cost tools available to NGO members
   

Collaborative Security Ambassador:

• Create and deliver security programs for member organizations and staff with a servant leadership approach

• Evaluate and implement appropriate security technologies and services that maximize impact with lean resources

• Demonstrate ability to execute quickly and efficiently while maintaining high quality outcomes

• Act as a trusted advisor to member organizations, translating complex security concepts into actionable guidance for member organizations, their staff, and executives
   

Qualifications

• 5+ years of experience in a senior IT or Cybersecurity leadership role (CISO, CIO, CTO, or equivalent)

• Exceptional communication skills and ability to engage effectively with diverse stakeholders, from board members to grantmakers to engineers

• Experience working in cybersecurity for or with NGOs strongly preferred

• Specific experience with NGOs in high-risk cybersecurity environments facing nation-state actors or Advanced Persistent Threats (APTs) is strongly desired

• Demonstrated incident response experience involving multiple stakeholders including law enforcement/government, managing internal IT/cyber resources, working with senior internal staff, and external leadership such as boards during incidents  

• Comprehensive understanding of the cybersecurity landscape, threat intelligence, and incident response methodologies

• Familiarity with information security frameworks (ISO 27001, NIST) and data privacy regulations (HIPAA, GDPR)

• Strategic vision with strong analytical and problem-solving capabilities

• Proven experience in startup environments with ability to thrive in ambiguity

• Self-starter mentality with capability to work independently or in small teams to solve complicated problems

• Strong bias towards action and results-oriented execution

• Bachelor's degree in Computer Science, Cybersecurity, Public Administration, Non-Profit Management, or related field (5 years of relevant experience may substitute for degree)

• Professional certifications such as CISSP or CEH are desirable
   

We Offer

• A time to "meet the moment" by helping our sector resolve serious challenges we face in cybersecurity

• An opportunity to build an essential organization protecting civil society from cyber threats

• Direct impact on the security posture of organizations advancing critical global missions

• Collaborative, supportive work environment focused on professional growth

• Competitive salary and comprehensive benefits package

• Unlimited paid time off

• Remote work flexibility

• Professional development and advancement opportunities

• Salary band of $150,000-$190,000

​

Travel Requirements: Position requires availability for monthly travel to support organizational initiatives, fundraising activities, industry events, and member engagement.

 

NGO-ISAC is an equal opportunity employer valuing diversity, talent, passion, and compassion. All persons hired must provide proof of identity and legal work authorization in compliance with federal law.