OFFICE LOCATION
United States
#PDN
Who We Are
The mission of The Nature Conservancy (TNC) is to conserve the lands and waters upon which all life depends. As a science-based organization, we develop innovative, on-the-ground solutions to the world’s toughest environmental challenges so that people and nature can thrive. Our work is guided by our values, which include a commitment to diversity and respect for people, communities, and cultures. From a rewarding mission to career development and flexible schedules, there are many reasons to love life #insideTNC. Want to know more? Check out our TNC Talent playlist on YouTube to hear stories from staff or visit Glassdoor .
One of TNC’s primary goals is to cultivate an inclusive work environment so that employees around the globe have a sense of belonging and feel that their unique contributions are valued. We know we’ll only achieve our mission by hiring and engaging a diverse staff that reflects the communities in which we work. Recognizing that people bring talent and skills that have been developed outside the scope of a job, we take a holistic approach to recruitment that considers life experience in addition to the professional requirements listed in our postings. Please apply – we’d love to hear from you. To quote a popular saying at TNC, “you’ll join for the mission, and you’ll stay for the people.”
What We Can Achieve Together
The Information Security Analyst (ISA) is responsible for supporting information security and risk management activities centered around external party information and application security. You will be a member of the Information Security Risk Management Team – the Yellow Team. This team helps safely implement systems and integrate third party organizations into TNC’s technology landscape, tracks information security risk, and manages human information security risk through a staff information security education and outreach program.
The Information Security Analyst will participate in the implementation, and maintenance of an external party information security risk management program. You will assess the information security risk profile of the Nature Conservancy’s vendors, contractors and other external parties that have access to our data and systems and will work with affected business units to mitigate or accept the risks those external parties pose.
WE'RE LOOKING FOR YOU
The Information Security Analyst is responsible for participating in information security-related activities. In pursuit of this mission, the ISA coordinates tactical information security activities with information technology and other staff in a complex, decentralized global organization.
The ISA Performs The Following Activities
- Act as a contact for all security review requests, both for internal and external party systems and services.
- Work with Privacy, and Legal teams to complete external party risk assessments.
- Perform technical assessments on both internal and external/third party systems and services.
This position requires routine contact with IT as well as non-technical staff. This position reports to a Director of Information Security and supervises no staff.
In This Position You Will
- Participate in the implementation, and maintenance of the external party information security risk management program as part of TNC’s overall external party due diligence review process.
- Participate in the assessment, monitoring, and documentation of the security posture and risk profile of external parties with access to TNC data, information, and records or to TNC systems.
- Participate in the security-oriented reviews of contracting-related documentation and provide security guidance to RFI/RFP/RFQ processes.
- Work with Privacy and Legal teams to document the classification of data, information, and records held or processed by external parties.
- Work with Information Technology staff to document the specifics of implemented technology solutions.
- Provide assessment of external party or internal system security based on provided architectural and operational documentation.
- Perform technical testing to validate the security-related behavior of a system, service, or piece of software.
- Work with business unit, IT staff, or external party to resolve any findings from security testing.
- Provide other Information Security teams with documentation of system configuration and expected behavior for applications and services.
- Provide advice and consultation to staff on information security-related policies, procedures, and best practices.
- Write documents for and deliver presentations to both technical and non-technical audiences.
- Participate in security incident response activities.
- Resolve issues independently within program area.
- Willing to work flexible hours.
- Work environment involves only infrequent exposure to disagreeable elements and minor physical exertion and/or strain.
What You'll Bring
- Bachelor’s degree in relevant technical discipline and 3 years of experience in an information technology department in any role, or seven years of experience without a degree.
- Experience having a strong customer service orientation
- Experience with Microsoft Office 365 programs
Desired Qualifications
- Experience working in a decentralized global organization, supporting staff and/or systems located in multiple states and/or countries.
- Multi-lingual skills and multi-cultural or cross-cultural experience appreciated.
- Time management and attention to detail.
- Experience in defining and documenting complex systems requirements.
- Experience in communicating effectively with internal and external audiences.
- Proficient with a written language other than English, particularly Spanish or Portuguese.
- Experience working with a Third-Party Risk Management platform.
- Experience with Cloud technology including AWS or Microsoft/Azure offerings for Infrastructure as a Service (IaaS), Platform as a Service (PaaS), or Software as a Service (SaaS).
- Experience with security-related aspects of information systems including endpoint security products, client operating system configuration and networking technologies.
- Experience with Agile tools and concepts.
- Certifications such as Security+, GISF, Associate of (ISC)2, CIPP, CRISC, or PCIP
What We Bring
Since 1951, TNC has been doing work you can believe in. Through grassroots action, we have grown from a small non-profit into one of the most effective and wide-reaching environmental organizations in the world. Thanks to more than 1 million members, over 400 scientists, and the dedicated efforts of our diverse staff and partners, we impact conservation around the world!
TNC offers a competitive, comprehensive benefits package including health care benefits, flexible spending accounts, a 401(k) plan with an 8% employer match, parental leave, accrued paid time off, life insurance, disability coverage, employee assistance program, other life and work well-being benefits. Learn more about our benefits on our Culture Tab on nature.org/careers.
We’re proud to offer a flexible work environment that supports of the health and well-being of the people we employ.
SALARY INFORMATION
The starting pay range for a candidate selected for this position is generally within the range of $76,800 – $115,000 for annual base salary. This range only applies to candidates whose country of employment is the USA. Where a successful candidate’s actual pay will fall within this range will be based on a variety of factors, including, for example, the candidate's location, qualifications, specific skills, and experience. Please note countries outside the USA would have a different pay range in the local currency based on the local labor market, and not tied to USA pay or ranges. Your geographic location will be confirmed during the recruitment.
APPLY NOW
To apply for job ID 55703, submit your materials online by using the Apply Now button at https://careers.nature.org/ . Need help applying? Visit our recruitment page or contact applyhelp@tnc.org .
The Nature Conservancy is an Equal Opportunity Employer. Our commitment to diversity includes the recognition that our conservation mission is best advanced by the leadership and contributions of people of diverse backgrounds, beliefs and culture. Recruiting and mentoring staff to create an inclusive organization that reflects our global character is a priority and we encourage applicants from all cultures, races, colors, religions, sexes, national or regional origins, ages, disability status, sexual orientation, gender identity, military, protected veteran status or other status protected by law.
The successful applicant must meet the requirements of The Nature Conservancy's background screening process.
Do you have military experience? Visit our U.S. Military Skills Translator to match your military experience with our current job openings!
TNC is committed to offering accommodations for qualified individuals with disabilities and disabled veterans in our job application process. If you need assistance or an accommodation due to a disability, please send a note to applyhelp@tnc.org with
Request for Accommodation in the subject line.
An attractive salary and benefits package is part of TNC’s value proposition to our employees. TNC strives to provide competitive pay and bases salaries on the geographic location of the role committing to being equitable across groups and providing hiring salary ranges when possible.
Since we support flexible and remote work for our employees, many positions have a flexible location within countries where we’re registered as a Non-government Organization and established as
an employer. This may mean we’re unable to provide a hiring salary range in the posting for some of our positions. However, candidates invited to be part of our interview process will be provided their location specific range upon request.