Technical Advisor, Information Security, Data.FI 32 views

Technical Advisor, Information Security, Data.FI
About Palladium:
Palladium is a global company working to design, develop and deliver positive impact on the lives and livelihoods of people around the globe; broaden access to health, water, power, and infrastructure; build enduring, sustainable, and transformative institutions and market systems to address global challenges; and conserve the natural world. We operate in over 90 countries and have a workforce of 4,000 talented, motivated, and diverse staff of all religions, races, languages, and gender identities.
This Opportunity:
Our Data, Informatics, and Analytical Solutions (DIAS) group is made of three portfolios that strengthen and harness digital and data ecosystems to accelerate development investments and outcomes: 1- Information Systems, 2- Monitoring, Evaluation, Learning and Analytics and 3- Digital Solutions and Transformation.
Palladium’s Information Systems Portfolio is seeking a Technical Advisor, Information Security for the Data for Implementation (Data.FI) Project. Data.FI is a five-year global project funded by the U.S. Agency for International Development (USAID) to support the HIV and COVID-19 response. Data.FI partners with programs to accelerate and sustain access to and use of high-quality data to expedite HIV and COVID-19 epidemic control and maintenance. By improving global, regional, national, and community/local in-depth analyses of HIV and COVID-19 epidemiologic and programmatic data, Data.FI expedites program achievements to improve client services and attain and sustain control of the epidemics. Data.FI supports host country governments to enhance existing health information systems (HIS), informing management responses to gaps in programming and sustaining impact by supporting local partner transition.
The Technical Advisor, Information Security will be responsible for overseeing information security, cybersecurity and IT risk management programs based on industry-accepted information security and risk management frameworks. This includes developing and executing an information security strategy for the project, including routine staff training and activity audits. The Technical Advisor will also develop and support the implementation of information system governance approaches and tools that support information security across our country programs, including with external stakeholder groups. The postholder will work in partnership with the Information Security Advisor, Americas to ensure that the project is in compliance with corporate policy.
Location:
The position is based in Palladium’s Washington, DC office.
You and Your Career:
If you have exceptional expertise in improving information security in a development context; have a clear understanding of USAID information security and responsible data use policy; have strong project management skills, are enthusiastic about building capacity and guidance in information security, and approach new and complex tasks with curiosity and a commitment to deliver, we are interested in hearing from you.
We are a learning organization and provide growth opportunities from the start. We pride ourselves on giving you the freedom, resources, and guidance to chart a fulfilling career!
Reporting and Supervision:
Reports to Technical Director, Data.FI
Matrixed reporting line to the Information Security Advisor, Americas Business Unit
Position can entail 20% of travel globally
Primary Duties and Responsibilities:
The Technical Advisor, Information Security will be responsible for overseeing information security, cybersecurity and IT risk management programs based on industry-accepted information security and risk management frameworks. Specific responsibilities are:
Lead the continuous development, implementation and updating of Data.FI’s information security and data privacy standards, guidelines, processes and procedures in compliance with USAID and Palladium corporate policy, with a particular focus on protecting PII/PHI
Develop and manage the frameworks, processes, tools and partners/consultants to manage risk and to support risk-based decisions related to information system activities
Lead routine activity audits to proactively identify and mitigate information security risks and facilitate the management response and remediation efforts
Ensure overall compliance with regulatory requirements through proactive planning and communication, ownership and relationships
Identify acceptable levels of residual risk and assist with action plans, policy and procedural changes for risk mitigation
Provide strategic recommendations to activities to help improve project results, quality of deliverables, risk optimization, security processes and compliance with regulations
Facilitate information systems security management education and training in USAID, corporate and project standards for all project staff
Document any security breaches and assess their damage, working with the project leadership team and Global ICT
Review all project data sharing / data access agreements and keep a current roster of agreements
Build and keep up-to-date a register of project systems, and key stakeholders
Collaborate with Palladium Global ICT team, as well as the Lead for Information Security across our Americas Business Unit, on policy development and implementation, as needed
Key Competencies Required:
Prior experience in an information security role for a large project or company
Experience working in the international development sector
Knowledge of IT processes and controls and strong understanding of risk and control frameworks such as (CoBIT, ISO, NIST, ITIL, PCI). General knowledge of information security regulatory requirements and standards such as, GDPR, ISO 27001/2, SANS top 20 and NIST 800-53.
Knowledge and understanding of USAID information security, responsible data use, governance, risk and compliance practices and standards.
Ability to educate a non-technical audience about various information security including cybersecurity measures
Ability to think through potential scenarios and mitigating interventions to deliver project objectives in diverse and complex environments, including a willingness to think outside the box, approach challenges with creative solutions
Demonstrated ability to work effectively as part of a team, capturing input and feedback, as well as independently with a high degree of drive, initiative and autonomy
Demonstrated high level project management skills. Demonstrated ability to coordinate complex activities, meet deadlines, and exercise sound judgment and discipline
Prior experience of working in a fast-paced, solution-focused and dynamic workplace, with expert skills in multi-tasking
Ability to work cross-culturally, using inclusive collaborative approaches and language
Flexibility to work across time zones, at times accommodating meeting times beyond the regular workday
Excellent oral and written communication skills in English
Professional Expertise/Competencies Preferred:
Familiarity with information security policy in African and Central American countries, highly desired
French and/or Spanish language skills, strongly preferred
Equity, Diversity & Inclusion – Palladium is committed to embedding equity, diversity, and inclusion into everything we do. We welcome applications from all sections of society and actively encourage diversity to drive innovation, creativity, success and good practice. We positively welcome and seek to ensure we achieve diversity in our workforce; and that all job applicants and employees receive equal and fair treatment regardless of their background or personal characteristics. These include: (but are not limited to) socio-economic background, age, race, gender identity and expression, religion, ethnicity, sexual orientation, disability, nationality, veteran, marital or Indigenous status.
Should you require any adjustments or accommodations to be made due to a disability or you are a neurodivergent individual or for any other circumstance, please email our team at accessibility@thepalladiumgroup.com and we will be in touch to discuss.
Safeguarding – We define Safeguarding as “the preventative action taken by Palladium to protect our people, clients and the communities we work with from harm”. We are committed to ensuring that all children and adults who come into contact with Palladium are treated with respect and are free from abuse. All successful candidates will be subject to an enhanced selection process including safeguarding-focused interviews and a rigorous due diligence process.
Apply now
Share
Save Job