Vera Institute of Justice

Manager, Information Security, IT (Brooklyn, NY)

IT - Brooklyn, NY - Full Time

Who we are:

The Vera Institute of Justice, founded in 1961, is a nonprofit criminal justice organization that strives to build just government institutions and safe communities free from the scourge of racism, white supremacy, profit, and inequity that is pervasive in this country’s legal systems. We are an “inside” lane organization that drives change at scale with ambitious public sector leaders who share our commitment to building anti-racist, reparative systems that deliver justice. We leverage our access to government to transform these systems and work collaboratively with stakeholders across many movements—including advocacy, grassroots, and grasstop organizations. Our role is to pilot solutions that are transformative and achievable, harness the power of evidence to drive effective policy and practice, and use advocacy and communications to change narratives and norms.

Vera has a staff of just over 300 people and offices in New York City, Washington, DC, Los Angeles, and New Orleans. We are an equal opportunity employer with a commitment to diversity in the workplace. We expect our staff to embody respect, independence, collaboration, commitment, anti-racism, and equity—both in our outward-facing work and the internal culture of our workplace. We value a range of experiences in people’s educational backgrounds and encourage people who have been directly impacted by the criminal justice system to apply.

Who you are:

Manages and monitors all aspects of technology operations and recommending security controls. Responds to security incidents and events. Has accountability for identifying necessary security controls and executing their implementation. Designs reports on security events and incidents and other related metrics. Partners with multiple teams across the organization to remediate security findings. Manages the process of conducting access and authorization audits and entitlement, privileged access and third-party reviews. Analyzes security systems recommends and implements improvements on a continuous basis.

Leads the process of identifying and reviewing possible threats or software issues. Manages the research and investigation of weaknesses and creates formal methods and processes to mitigate them. Evaluates and identifies cost-effective solutions to cybersecurity problems. Acts as a subject matter expert on software, hardware and internet needs for the Institute while adjusting them according to our environment. Develops best practices and security standards for the organization. Conducts testing on software, firmware, security and firewalls. Identifies risks, research mitigation strategies and monitors remediation efforts. Maintains risk register and reports on metrics, security posture, and remediation progress.

Responsibilities include, but are not limited to:

Translation of contractual language into a set of policies and requirements for technical infrastructure used by Vera and its network of subcontractors

  • Communicates requirements to Vera staff and subcontractors
  • Updates and disseminate policies and procedures as needed over the course of the contract

Designs and manages the process of routine review of Vera on-prem and cloud systems to ensure policy compliance

  • Reviews controls for security compliance of all relevant systems and devices
  • Formulates and implements strategies to improve and enhance security posture
  • Documents audit results and tracks outcomes of risk resolution over the course of the contract

Develops and executes solutions to risks identified in security reviews

  • Consults with internal teams and departments to provide recommendations on how to meet standards outlined in the policy
  • Collaborates with Vera IT to solve internal issues identified
  • Updates policies and disseminates documentation as needed over the course of the contract

Serves as point person for staff and business partners to ensure technology and systems are properly integrated with Vera IT systems and processes where appropriate

  • Conducts systems and process audits and reviews
  • Reports findings and research recommendations

What qualifications do you need?

Required:

  • 7+ years of progressive experience in an IT security and/or government contract compliance role, with recent experience leading IT initiatives
  • Ability to prioritize projects
  • Excellent communication skills
  • Certifications such as CISSP, GSEC, CEH or CISM desired
  • Experience with security best practices and implementation
  • At least 2 years' experience in the cybersecurity industry
  • Critical thinking skills and the ability to solve problems as they arise
  • Scripting and coding skills and familiarity with security automation.
  • Knowledge of NIST framework and standards and CSF
  • Experience performing system audits and developing solutions to security and compliance risks
  • Strong cloud security, monitoring and alerting skills.
  • Experience managing firewalls, SIEM, and Network Monitoring tools.

Preferred:

  • Bachelors degree + 6-9 years of relevant experience.  In lieu of a Bachelors degree, applicable work or life experience may be considered.
  • Experience in an IT security and/or government contract compliance role
  • Experience leading IT initiatives

Additional eligibility requirements:

  • Familiarity with AWS cloud products preferred
  • Familiarity with Docker/VM deployment preferred
  • Prior experience working with analytics teams preferred

Compensation and Benefits

The compensation range for this position is $117,000 - $120,000. Actual salaries will vary depending on factors including but not limited to experience and performance. The salary range listed is just one component of Vera Institute’s total compensation package for employees. As an employer of choice in our field, supporting Vera staff—both personally and professionally—is a priority. To do this, we invest in the well-being of our staff through other rewards including merit pay, generous paid time off, a comprehensive health insurance plan, student loan repayment benefits, professional development training opportunities and up to $2,000 annual for education costs and fees relevant to Vera work, employer-funded retirement plan, and flexible time and remote work schedules. To learn more about Vera’s benefits offerings, click here.

Applications may also be faxed to:

ATTN: People Resources / Manager, Information Security, IT
Vera Institute of Justice
34 35th St, Suite 4-2A, Brooklyn, NY 11232
Fax: (212) 941-9407
Please use only one method (online, mail or fax) of submission.
No phone calls, please. Only applicants selected for interviews will be contacted.

As a federal contractor, and in order to ensure a healthy and safe work environment, Vera Institute of Justice is requiring all employees to be fully vaccinated and provide proof of their COVID-19 vaccine before their start date. Employees who cannot receive the vaccine because of a disability/medical contraindication or sincerely-held religious belief may request an accommodation (e.g., an exemption) to this requirement.

Vera is an equal opportunity/affirmative action employer.  All qualified applicants will be considered for employment without unlawful discrimination based on race, color, creed, national origin, sex, age, disability, marital status, sexual orientation, military status, prior record of arrest or conviction, citizenship status, current employment status, or caregiver status. 

Vera works to advance justice, particularly racial justice, in an increasingly multicultural country and globally connected world. We value diverse experiences, including with regard to educational background and justice system contact, and depend on a diverse staff to carry out our mission. 

For more information about Vera, please visit www.vera.org

Apply: Manager, Information Security, IT (Brooklyn, NY)
* Required fields
First name*
Last name*
Email address*
Location
Phone number*
Resume*

Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or paste resume

Paste your resume here or attach resume file

Please attach a cover letter.*
The following questions are entirely optional.
To comply with government Equal Employment Opportunity and/or Affirmative Action reporting regulations, we are requesting (but NOT requiring) that you enter this personal data. This information will not be used in connection with any employment decisions, and will be used solely as permitted by state and federal law. Your voluntary cooperation would be appreciated. Learn more.
Gender
Race/Ethnicity

Invitation for Job Applicants to Self-Identify as a U.S. Veteran
  • A “disabled veteran” is one of the following:
    • a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or
    • a person who was discharged or released from active duty because of a service-connected disability.
  • A “recently separated veteran” means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.
  • An “active duty wartime or campaign badge veteran” means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.
  • An “Armed forces service medal veteran” means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.
Veteran status
I IDENTIFY AS ONE OR MORE OF THE CLASSIFICATIONS OF PROTECTED VETERAN LISTED ABOVE
I AM NOT A PROTECTED VETERAN
I DON’T WISH TO ANSWER

Voluntary Self-Identification of Disability
Voluntary Self-Identification of Disability Form CC-305
OMB Control Number 1250-0005
Expires 5/31/2023
Why are you being asked to complete this form?

We are a federal contractor or subcontractor required by law to provide equal employment opportunity to qualified people with disabilities. We are also required to measure our progress toward having at least 7% of our workforce be individuals with disabilities. To do this, we must ask applicants and employees if they have a disability or have ever had a disability. Because a person may become disabled at any time, we ask all of our employees to update their information at least every five years.

Identifying yourself as an individual with a disability is voluntary, and we hope that you will choose to do so. Your answer will be maintained confidentially and not be seen by selecting officials or anyone else involved in making personnel decisions. Completing the form will not negatively impact you in any way, regardless of whether you have self-identified in the past. For more information about this form or the equal employment obligations of federal contractors under Section 503 of the Rehabilitation Act, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition. Disabilities include, but are not limited to:

  • Autism
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, or HIV/AIDS
  • Blind or low vision
  • Cancer
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or hard of hearing
  • Depression or anxiety
  • Diabetes
  • Epilepsy
  • Gastrointestinal disorders, for example, Crohn's Disease, or irritable bowel syndrome
  • Intellectual disability
  • Missing limbs or partially missing limbs
  • Nervous system condition for example, migraine headaches, Parkinson's disease, or Multiple sclerosis (MS)
  • Psychiatric condition, for example, bipolar disorder, schizophrenia, PTSD, or major depression
Please check one of the boxes below:
YES, I HAVE A DISABILITY, OR HAVE A HISTORY/RECORD OF HAVING A DISABILITY
NO, I DON'T HAVE A DISABILITY, OR A HISTORY/RECORD OF HAVING A DISABILITY
I DON'T WISH TO ANSWER

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

Your Name Today's Date