The Information Security Analyst (ISA) is responsible for participating in information security-related activities. In pursuit of this mission, the ISA coordinates tactical information security activities with information technology and other staff in a complex, decentralized global organization.

The Information Security Analyst is responsible for supporting information security and risk management activities centered around external party information and application security. You will be a member of the Information Security Risk Management Team – the Yellow Team. This team helps safely implement systems and integrate third party organizations into TNC’s technology landscape, tracks information security risk, and manages human information security risk through a staff information security education and outreach program.

The Information Security Analyst will participate in the implementation, and maintenance of an external party information security risk management program. You will assess the information security risk profile of the Nature Conservancy’s vendors, contractors and other external parties that have access to our data and systems and will work with affected business units to mitigate or accept the risks those external parties pose.

This position requires routine contact with IT as well as non-technical staff. This position reports to a Director of Information Security and supervises no staff.

RESPONSIBILITIES & SCOPE

• Act as a contact for all security review requests, both for internal and external party systems and services.

• Work with Privacy, and Legal teams to complete external party risk assessments.

• Perform technical assessments on both internal and external/third party systems and services.

• Participate in the implementation, and maintenance of the external party information security risk management program as part of TNC’s overall external party due diligence review process.

• Participate in the assessment, monitoring, and documentation of the security posture and risk profile of external parties with access to TNC data, information, and records or to TNC systems.

• Participate in the security-oriented reviews of contracting-related documentation and provide security guidance to RFI/RFP/RFQ processes.

• Work with Privacy and Legal teams to document the classification of data, information, and records held or processed by external parties.

• Work with Information Technology staff to document the specifics of implemented technology solutions.

• Provide assessment of external party or internal system security based on provided architectural and operational documentation.

• Perform technical testing to validate the security-related behavior of a system, service, or piece of software.

• Work with business unit, IT staff, or external party to resolve any findings from security testing.

• Provide other Information Security teams with documentation of system configuration and expected behavior for applications and services.

• Provide advice and consultation to staff on information security-related policies, procedures, and best practices.

• Write documents for and deliver presentations to both technical and non-technical audiences.

• Participate in security incident response activities.

• Resolve issues independently within program area.

• Willing to work flexible hours.

• Work environment involves only infrequent exposure to disagreeable elements and minor physical exertion and/or strain.

Are you looking for work you can believe in? At TNC we strive to embody a philosophy of Work that You Can Believe in where you can feel like you are making a difference every day. We’re looking for someone with strong experience with IT support.

The ideal candidate should have keen attention to detail, excellent communication skills, and be effective in working in a team environment. This is an exciting opportunity to contribute to the ongoing mission of conservation by being a part of our Business Unit!

The ideal candidate will have all or some of the qualifications. If you don’t have all of them, please apply anyway and tell us about your skills and experience:

• Experience working in a decentralized global organization, supporting staff and/or systems located in multiple states and/or countries.

• Multi-lingual skills and multi-cultural or cross-cultural experience appreciated.

• Time management and attention to detail.

• Experience in defining and documenting complex systems requirements.

• Experience in communicating effectively with internal and external audiences.

• Proficient with a written language other than English, particularly Spanish or Portuguese.

• Experience working with a Third-Party Risk Management platform.

• Experience with Cloud technology including AWS or Microsoft/Azure offerings for Infrastructure as a Service (IaaS), Platform as a Service (PaaS), or Software as a Service (SaaS).

• Experience with security-related aspects of information systems including endpoint security products, client operating system configuration and networking technologies.

• Experience with Agile tools and concepts.

• Certifications such as Security+, GISF, Associate of (ISC)2, CIPP, CRISC, or PCIP

• Bachelor’s degree in relevant technical discipline and 3 years’ experience or equivalent combination.

• Strong customer service orientation

• Facility with the use of Microsoft Office 365 programs

The starting pay range for a candidate selected for this position is generally within the range of $81,500.00-$122,100.00. This range only applies to candidates whose country of employment is the USA. Where a successful candidate’s actual pay will fall within this range will be based on a variety of factors, including, for example, the candidate's location, qualifications, specific skills, and experience. Please note countries outside the USA would have a different pay range in the local currency based on the local labor market, and not tied to USA pay or ranges. Your geographic location will be confirmed during the recruitment.

Who We Are:

The Nature Conservancy’s mission is to protect the lands and waters upon which all life depends. As a science-based organization, we create innovative, on-the-ground solutions to our world’s toughest challenges so that we can create a world in which people and nature thrive. We’re rooted in our mission and guided by our values, which include respect for all people, communities, and cultures. Whether it’s career development, flexible schedules, or a rewarding mission, there’s many reasons to love life inside TNC. Want a better insight to TNC? Check out our TNC Talent playlist on YouTube to hear stories from staff or visit Glassdoor.

One goal is to cultivate an inclusive work environment so that all our colleagues around the globe feel a sense of belonging and that their unique contributions to our mission are valued. In addition to the requirements in our job postings, we recognize that people come with talent and experiences outside of a job and consider each applicant’s unique experience. Please apply – we’d love to hear from you. To quote a popular saying at TNC, “you’ll join for the mission, and stay for the people.”

What We Bring:

Since 1951, TNC has been doing work you can believe in. Through grassroots action, we have grown from a small non-profit into one of the most effective and wide-reaching environmental organizations in the world. Thanks to more than 1 million members, over 400 scientists, and the dedicated efforts of our diverse staff and partners, we impact conservation around the world!

TNC offers a competitive, comprehensive benefits package including health care benefits, flexible spending accounts, a 401(k) plan with an 8% employer match, parental leave, accrued paid time off, life insurance, disability coverage, employee assistance program, other life and work well-being benefits. Learn more about our Benefits and Perks here.

We’re proud to offer a flexible work environment that supports of the health and well-being of the people we employ.

Our recruiting process includes a rolling interview process to ensure we engage applicants in a timely manner. This means we may review applications in the order in which they are received. Once a strong candidate pool is identified, the role will be unposted. The timeline may vary depending on the expressed interest in the role, so we highly encourage candidates to apply as soon as possible.

Employees must submit their application by logging into Workday and applying via the Jobs Hub.

The Nature Conservancy is an Equal Opportunity Employer. Our commitment to equal employment opportunity includes the recognition that our conservation mission is best advanced by the leadership and contributions of people of all backgrounds, beliefs, and culture. Recruiting and mentoring staff to create an inclusive organization is a priority, and we encourage applicants from all cultures, races, colors, religions, sexes, national or regional origins, ages, disability status, sexual orientation, gender identity, military, protected veteran status or other status protected by law.

The successful applicant must meet the requirements of The Nature Conservancy's background screening process.

Do you have military experience? Visit our U.S. Military Skills Translator to match your military experience with our current job openings!

TNC is committed to offering accommodations for qualified individuals with disabilities and disabled veterans in our job application process. If you need assistance or an accommodation due to a disability, please send a note to applyhelp@tnc.org with Request for Accommodation in the subject line.