This information and digital security consultancy is specific to a large project for a high-profile NGO client who challenges abuses of power to protect human rights and secure the future of our planet.
The project involves working in a cross-disciplinary team and will be delivered in three stages. Your focus in the first stage will be to review the client’s current duty of care provision in relation to digital and information security to specific stakeholders; other colleagues will be doing the same in relation to security risk management and wellbeing and resilience. The assessment will also be conducted through the lenses of organisational values, ethical principles, diversity, equity and inclusion, and power and privilege.
Stage 1 will be delivered between October 2021 and March 2022, and is broken down into five separate phases, as follows:
Phase 1: Understanding the client and their values and principles, and mapping the client’s stakeholders.
Phase 2: Analysing the support needs of the client’s stakeholders and creating an audit framework.
Phase 3: Reviewing the client’s current stakeholder support against the audit framework.
Phase 4: Identify policy and practice improvements.
Phase 5: Agreeing next steps and implementation plan for Stage 2.
You will be responsible for the digital and information security elements of the project. Your work in Stage 1 will include:
- Conducting primary and secondary research around digital and information security legal and ethical duty of care obligations and best practices.
- Developing of a set of standards and indicators to build an audit framework.
- Examining the support needs of specific stakeholders involved in the client’s investigations.
- Reviewing the client’s current policies, procedures and practices against the audit framework, through multiple stakeholder interviews, workshops and surveys.
- Delivering findings in a detailed report including a gap analysis and a discussion-based presentation.
- Developing an implementation plan and timeline for Stage 2 (develop) and Stage 3 (assess).
You will report into Open Briefing’s project lead as part of a five-person multidisciplinary project team, who will work in partnership with the client’s project team and their project steering committee.
You will have 29 day’s work split across the five phases of Stage 1, though your involvement in Phase 1 will be dependent on your engagement date. The day rate for this project is between £400 and £700, depending on your experience and alignment with the person specification.
- At least five years professional experience in information and digital security.
- Extensive technical digital security knowledge.
- A deep understanding of information and digital security best practices in contexts with capable adversaries.
- Experience with various digital security audit frameworks.
- Experience of project management processes and tools.
- The ability to prioritise the protection of sensitive information assets based on risk.
- The ability to maintain high levels of professionalism while building effective working relationships with clients and project teams, that are based on trust and mutual understanding.
- The ability to draw firm conclusions and propose practical actions from the research and analysis of significant amounts of data.
- The ability to distil complex information into simple and compelling concepts and messages.
- The ability to work in a cross-disciplinary team and work on collaborative outputs, within strict deadlines.
- Emotional intelligence that demonstrates natural empathy.
- Highly effective written and spoken communication skills with both technical and non-technical stakeholders and audiences.
- Excellent written and spoken English.
- A strong and genuine motivation to support those fighting for environmental rights.
- An understanding of the physical security and wellbeing aspects of holistic security.
- Experience working at all levels of civil society, from activists to boardrooms.
- Experience working with environmental defenders.
- Experience of working with high-profile organisations who conduct complex investigations.
- Experience of translating organisational values, ethical principles, diversity, equity and inclusion, and power and privilege into the information and digital security realms.
How to apply
To apply, please email your CV and a cover letter setting out how you meet the person specification and why you are interested in the role, to our safety and security lead, Dan Williamson, at [email protected].
While this is an immediate need, applications will be reviewed on a rolling basis, and the positions will remain advertised until we find the appropriate consultant. Successful applicants will need to complete a reasonable vetting process before engagement.