View Our Website View All Jobs

Data Security & Compliance Manager, IT/UCP (Brooklyn, NY, Washington D.C. or Remote)

Who we are:

The Vera Institute of Justice, founded in 1961, envisions a society that respects the dignity of every person and safeguards justice for everyone. Vera is committed to securing equal justice, ending mass incarceration, and strengthening families and communities. 

  • We study problems that impede human dignity and justice. 
  • We pilot solutions that are at once transformative and achievable. 
  • We engage diverse communities in informed debate. 
  • And we harness the power of evidence to drive effective policy and practice. 

We work with others who share our vision to tackle the most pressing injustices of our day—from mass incarceration, racial disparities, and the loss of public trust in law enforcement to the unmet needs of people who are vulnerable, marginalized, and harmed by crime and violence. Vera has offices in New York City, Washington, DC, Los Angeles, and New Orleans. Vera is an equal opportunity employer with a commitment to diversity in the workplace. We hire employees that reflect our values: respect, independence, collaboration, commitment, and race equity.  If you want to learn more about life at Vera click here.

What You'll Do:

The Unaccompanied Children Program (UCP) in Vera’s Center on Immigration and Justice (CIJ) works with a national network of nonprofit legal service providers to administer a program that provides information and legal representation to children who enter the United States without a parent or guardian in order to protect their due process rights.  . The Security Compliance Manager will be a cross-functional member of Vera’s IT and UCP teams. They will be responsible for creating a recommended framework for data compliance of Vera’s UCP-specific data systems and subcontractor IT systems as provided by the data and information security requirements set by the government agency overseeing this work.  The Security Compliance Manager will become the key point person for external (sub-contractor network) and internal (Vera) communications regarding IT security compliance as it relates to the UCP contract.  The person in this position will collaboratively set policy, identify risks, and resolve issues as part of managing the storage and transmission of information across both Vera-managed and subcontractor-managed systems.

Main responsibilities

Work with key stakeholders (IT, Legal, program and data teams from the Unaccompanied Children Program, Legal Service Providers, etc.) to gain an understanding of the current compliance and risk landscape. Create a recommended framework for policies and requirements for technical infrastructure used by Vera’s UCP program staff and its network of subcontractors, and update guidance as government requirements change.

  • Communicate recommendations to Vera IT Team, UCP program staff, and subcontractors
  • Update and disseminate policies as needed over the course of the contract

Conduct regular reviews of subcontractor systems to ensure policy compliance

  • Act as a resource and partner with Legal Service Providers to measure sub-contractor compliance against recommended framework of hardware and software used to carry out UCP work, reviewing for the security compliance all relevant systems and devices
  • Document audit results and track outcomes of risk resolution over the course of the contract
  • Responsible for incident response and escalations as needed

Work with Vera IT team to ensure compliance in accordance with Vera’s Written Information Security Policy

  • Partner with Vera’s existing security and IT vendors and perform tasks related to Vera’s IT security practice
  • Identify gaps and make recommendations on resolutions regarding practice, policy, or governance
  • Update policies and disseminate documentation as needed over the course of the contract
  • Perform training for applications directly related to IT security

Respond to requests on information and security requirements from government stakeholders (including regular contract compliance checks, special requests during contract transition periods, etc).

What qualifications you will need

Required:

  • 7+ years of progressive experience in an IT security and/or government contract compliance role, with recent experience leading IT initiatives
  • Proven record of successfully managing and implementing projects within a GRC (Governance, Risk, and Compliance) tools (RSA Archer, RSAM, MetricStream, IBM OpenPages, BWise, others) on premise or SaaS environment.
  • Strong knowledge of National Institute of Standards and Technology (NIST) framework and standards, with applied government contract experience
  • Must be able to assess computer hardware, software, and systems for security risks or violations and work with the IT team and its technology partners/vendors to recommend solutions.
  • Must be able to create strategies to address awareness and training for all stakeholders as well as technical solutions.
  • Certification for Information System Security Professional (CISSP)
  • Prior experience developing solutions to security compliance risks
  • Able to communicate and create IT security awareness clearly and effectively with staff of varying technical knowledge
  • Familiarity with hybrid on-prem & cloud IT infrastructures
  • A strong dedication to equity and justice

Preferred:

  • Familiarity with AWS cloud products preferred
  • Familiarity with Docker/VM deployment preferred
  • Prior experience working with analytics teams preferred

How to apply

Please submit a cover letter and resume. Applications will be considered on a rolling basis until the position is filled. Online submission in PDF format (through Vera’s career page) is preferred.  No phone calls, please. Only applicants selected for interviews will be contacted.  

ATTN: Human Resources / Data Security & Compliance Manager
Vera Institute of Justice
34 35th St, Suite 4-2A, Brooklyn, NY 11232
Fax: (212) 941-9407
Please use only one method (online, mail or fax) of submission.
No phone calls, please. Only applicants selected for interviews will be contacted.

Vera is an equal opportunity/affirmative action employer.  All qualified applicants will be considered for employment without unlawful discrimination based on race, color, creed, national origin, sex, age, disability, marital status, sexual orientation, military status, prior record of arrest or conviction, citizenship status, current employment status, or caregiver status. 

Vera works to advance justice, particularly racial justice, in an increasingly multicultural country and globally connected world. We value diverse experiences, including with regard to educational background and justice system contact, and depend on a diverse staff to carry out our mission. 

For more information about Vera, please visit www.vera.org

 

 

Read More

Apply for this position

Required*
Apply with
We've received your resume. Click here to update it.
Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or Paste resume

Paste your resume here or Attach resume file

To comply with government Equal Employment Opportunity and/or Affirmative Action reporting regulations, we are requesting (but NOT requiring) that you enter this personal data. This information will not be used in connection with any employment decisions, and will be used solely as permitted by state and federal law. Your voluntary cooperation would be appreciated. Learn more.
Gender
Race/Ethnicity

Invitation for Job Applicants to Self-Identify as a U.S. Veteran
  • A “disabled veteran” is one of the following:
    • a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or
    • a person who was discharged or released from active duty because of a service-connected disability.
  • A “recently separated veteran” means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.
  • An “active duty wartime or campaign badge veteran” means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.
  • An “Armed forces service medal veteran” means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.
Veteran status
I IDENTIFY AS ONE OR MORE OF THE CLASSIFICATIONS OF PROTECTED VETERAN LISTED ABOVE
I AM NOT A PROTECTED VETERAN
I DON’T WISH TO ANSWER

Voluntary Self-Identification of Disability
Voluntary Self-Identification of Disability Form CC-305
OMB Control Number 1250-0005
Expires 5/31/2023
Why are you being asked to complete this form?

We are a federal contractor or subcontractor required by law to provide equal employment opportunity to qualified people with disabilities. We are also required to measure our progress toward having at least 7% of our workforce be individuals with disabilities. To do this, we must ask applicants and employees if they have a disability or have ever had a disability. Because a person may become disabled at any time, we ask all of our employees to update their information at least every five years.

Identifying yourself as an individual with a disability is voluntary, and we hope that you will choose to do so. Your answer will be maintained confidentially and not be seen by selecting officials or anyone else involved in making personnel decisions. Completing the form will not negatively impact you in any way, regardless of whether you have self-identified in the past. For more information about this form or the equal employment obligations of federal contractors under Section 503 of the Rehabilitation Act, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition. Disabilities include, but are not limited to:

  • Autism
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, or HIV/AIDS
  • Blind or low vision
  • Cancer
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or hard of hearing
  • Depression or anxiety
  • Diabetes
  • Epilepsy
  • Gastrointestinal disorders, for example, Crohn's Disease, or irritable bowel syndrome
  • Intellectual disability
  • Missing limbs or partially missing limbs
  • Nervous system condition for example, migraine headaches, Parkinson's disease, or Multiple sclerosis (MS)
  • Psychiatric condition, for example, bipolar disorder, schizophrenia, PTSD, or major depression
Please check one of the boxes below:

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

You must enter your name and date
Your Name Today's Date