Deputy Chief Information Security Officer

The Democratic National Committee (DNC) Tech Team is a multifaceted, dynamic group dedicated to creating and delivering cutting-edge technology that empowers candidates and organizers throughout all 50 states and 3,413 counties across the United States. Our mission is to harness the power of data analytics, campaign organization, fundraising, and voter mobilization to get out the vote on Election Day! We bring together an exceptional array of talent, including product managers, engineers, researchers, designers, security practitioners, IT professionals, and data scientists, to develop a robust technology ecosystem for progressive initiatives. Our approach combines in-house tool development with strategic partnerships, fostering a collaborative environment that drives innovation and progress.

The Deputy Chief Information Security Officer will partner with the Chief Security Officer to manage and lead our organization's cybersecurity initiatives. This role is focused on the oversight of cyber-related security measures, strategic planning, and operational management of cybersecurity systems without the responsibilities of physical security, which is managed by the Chief Security Officer (CSO) and the DNC Facilities and Operations Team. This role will dialog with leadership of the DNC up to the Executive Director and Chair, while also partnering closely with leaders of our Engineering and Operations teams.

At the DNC, we see our work as foundational and enduring: this is not a hire we are looking to make as a cyclical position tied to any specific election year, but rather we want this person committed to guide the long-term strategic security initiatives at the DNC. This role demands a visionary leader who is adept in multi-faceted coordination across departments and with external agencies.

Do you want to:

Secure the future of our country? Right now, a lot is at stake in our country, and our team has a huge opportunity to make a real difference.

Work with amazing people? We are cultivating a diverse, distributed team by hiring top talent regardless of their location—our team members include alumni from past Presidential campaigns based in DC and New York, seasoned product developers from the SF Bay Area, and many others.

Never stop learning? There are individuals who possess knowledge in politics, others who excel in technology, and a select few who have discovered ways to merge the two. As we forge new paths in this arena, it is essential for you to be comfortable exploring and learning from everyone around you.

Responsibilities/Duties

Strategic Leadership and Collaboration

• Work in tandem with the CSO to develop, refine, and implement the organization’s cybersecurity posture, strategy, and policies
• Share leadership responsibilities for the cybersecurity team, promoting strategic initiatives and ensuring alignment with business goals
• Help drive and manage operational tempo
• Lead and manage a subcommittee within the oversight and governance committee, focusing on specific areas of cybersecurity
• Ensure that the subcommittee’s activities align with the organization's overall security strategy and governance frameworks
• Report key findings and recommendations back to the main oversight and governance committee
  
  
  

Cybersecurity Management

• Co-manage all aspects of cybersecurity operations, ensuring robust protection against cyber threats
• Oversee the design, implementation, and maintenance of effective cybersecurity measures
• Conduct regular security assessments and lead the response to cyber incidents
• Capable of driving clear communications on both strategic and day-to-day cybersecurity issues and risks to a wide audience inside and outside the DNC
  
  
  

Compliance and Policy Development

• Ensure compliance with all relevant information security regulations and standards
• Co-develop and enforce comprehensive cybersecurity policies and procedures
  
  
  

Budget and Resource Allocation

• Assist in managing the cybersecurity budget, advocating for resources necessary to protect organizational assets and information
• Evaluate and advocate for the adoption of new cybersecurity technologies and tools to enhance security and operational efficiency
  
  
  

Team Development and Mentoring

• Play a key role in mentoring and developing the cybersecurity team, fostering an environment of high performance and continuous learning
• Encourage proactive security awareness across the organization
  
  
  

Threat Intelligence and Threat Modeling

• Co-manage the threat intelligence program to proactively identify, analyze, and mitigate potential threats
• Collaborate with the CSO to incorporate cyber threat intelligence into broader threat models that also consider physical security risks
• Ensure continuous monitoring and analysis of potential threats using advanced tools and methodologies
• Partnering with our legal team and organizational leadership, developing and maintaining relationships with the FBI, DHS, and other law enforcement agencies
  
  
  

Stakeholder Engagement and Communication

• Communicate effectively with senior management and other stakeholders about cybersecurity threats, strategies, and changes
• Represent the cybersecurity department alongside the CSO in executive meetings and consultations
  
  
  

Qualifications and Experience

• Minimum of 10 years in information/cybersecurity, including 5 years in a leadership role
• Minimum of 5 years operating in a managerial role
• Excellent leadership, communication, and decision-making skills
• A background in securing tech organizations at multiple levels of scale, from small ephemeral startups to large, well-resourced organizations
• Hands on experience with enterprise and production systems and technologies
• Willing and able to work unconventional hours as needed, including nights, weekends, and holidays, in response to critical security needs or incidents
• Strong understanding of IT systems, cloud, crisis management, and compliance regulations
• Deep understanding of cyber risk management and compliance with cybersecurity frameworks such as NIST, ISO, CIS, and PCI-DSS
• Experience in leading committees or subcommittees focused on governance or security
• Experience in crisis communication, capable of crafting and conveying clear, effective messages during security incidents
• Proficiency in using performance measurement tools such as KPIs and OKRs to assess and report on the health and effectiveness of cybersecurity initiatives
• Understanding of fiduciary responsibilities, including the ability to manage sensitive information and assets with the highest degree of integrity and ethical judgment
• Capable of handling and delivering on tight and sometimes seemingly unreasonable deadlines, finding effective solutions to ensure mission success
• Ability to thrive in a fast-paced and high-pressure environment, demonstrating resilience and flexibility in managing multiple priorities
• Comfortable with ambiguity, capable of making informed decisions and providing guidance when clear answers are not available
• Exceptional capability to communicate critical and complex information rapidly and accurately to senior leadership, enabling swift action in response to directives from high-level entities such as the White House or other elected officials
• In addition to internal functions, this is also a public-facing role. You will work with outside groups like state parties, other committees, and other parts of the Democratic ecosystem. You will also work with our Communications team to tell our story in the media
  
  
  

The Deputy Chief Information Security Officer position will require travel, which could be up to 15% of the time.

The starting salary for the Deputy CISO is $175,000, on an annualized basis, commensurate with experience and qualifications.

Due to federal campaign finance rules, only U.S. citizens or U.S. green card holders are eligible for this role. See 52 U.S.C. 30121; 11 C.F.R. 110.20(i).