Overview

Who We Are:

The Nature Conservancy’s mission is to protect the lands and waters upon which all life depends. As a science-based organization, we create innovative, on-the-ground solutions to our world’s toughest challenges so that we can create a world in which people and nature thrive. We’re rooted in our Mission and guided by our Values, which includes a Commitment to Diversity and Respect for People, Communities, and Cultures. Whether it’s career development, flexible schedules, or a rewarding mission, there’s lots of reasons to love life #insideTNC. Want a better insight to TNC? Check out our TNC Talent playlist on YouTube or on Glassdoor.

Our goal is to cultivate an inclusive work environment so that all our colleagues around the globe feel a sense of belonging, and that their unique contributions to our mission are valued. We know we’ll only achieve our Mission by hiring and engaging a diverse workforce that reflects the communities in which we work. In addition to the requirements in our postings, we recognize that people come with talent and experiences outside of a job. Diversity of experience and skills combined with passion is a key to innovation and a culture of inclusion! Please apply – we’d love to hear from you. To quote myriad TNC staff members, “you’ll join for our mission, and you’ll stay for our people.”

What We Can Achieve Together:

The Principal Information Security Architect is a member of the Information Security Risk Management Team and establishes, maintains, and facilitates the implementation of security standards, baselines, and security best practices within TNC’s information technology environment. This role will also work alongside the Enterprise Architecture function, IT Operations, and DevOps teams to design the security aspects of IT systems as part of IT-led project teams and will conduct project-level security design reviews, working closely with members of Information Security’s Red Team, to identify infrastructure security risks during system design and implementation and to recommend mitigations. A significant focus for the position will be on public cloud provider-related security standards and this role will work in close partnership with the Cloud Center of Excellence function to provide that expertise.

We’re Looking for You:

  • Experience in design review of application, networking, and cloud-based infrastructure from a security context.
  • Experience creating, implementing, and refining security policies.
  • Experience establishing and maintaining security baselines, patterns, and best practices with a varied set of technologies including server, application, networking, endpoint, and public cloud infrastructure.
  • Experience with endpoint configuration management tools and endpoint baseline management.
  • Ability to use an evidence-based approach to security design and risk management.
  • Experience with using architectural diagraming concepts and tools.
  • Understanding of information security risk management concepts.
  • Understanding of core cloud solution components (e.g., service, compute, storage, and network) with a specialty in security, networking, and data access, and general knowledge of cloud developer capabilities.
  • Knowledge of software and product development lifecycle practices.
  • Experience working across teams with technical and non-technical staff.
  • Ability to communicate complex concepts to a variety of audiences and build consensus on a path forward.

What You’ll Bring:

  • Bachelor’s degree in a relevant technical discipline or equivalent technical experience.
  • 6 years’ experience as a business professional in IT or related field.
  • Experience in analyzing, defining, and documenting complex systems requirements.
  • Experience in communicating effectively with internal and external audiences.
  • Experience with system life cycle and project management principles, best practices, and concepts.
  • Experience configuring, operating, or auditing Public Cloud technology including AWS or Microsoft/Azure offerings for Infrastructure as a Service (IaaS), Platform as a Service (PaaS), or Software as a Service (SaaS).

DESIRED QUALIFICATIONS

  • Experience working in a decentralized global organization, supporting staff and/or systems located in multiple states and/or countries.
  • Experience with security controls standards such as NIST 800-53, ISO 27001, Cloud Security Alliance Cloud Controls Matrix, Center for Internet Security Critical Security Controls.
  • CI/CD software systems knowledge.
  • Multi-lingual skills and multi-cultural or cross-cultural experience appreciated.
  • Experience with Agile tools and concepts.
  • Excellent written and oral communication skills.
  • Exceptional customer service skill.
  • Certifications such as GSEC, GDSA, Associate of (ISC)2, Microsoft MCA, AWS Certified Security – Specialty.

What We Bring:

Since 1951, The Nature Conservancy has been doing work you can believe in protecting the lands and waters that all life depends on. Through grassroots action, TNC has grown to become one of the most effective and wide-reaching environmental organizations in the world. Thanks to more than 1 million members, over 400 scientists, and the dedicated efforts of our diverse staff, we impact conservation throughout the world!

The Nature Conservancy offers a competitive, comprehensive benefits package including: health care benefits, flexible spending accounts, 401(k) plan including employer match, parental leave, accrued paid time off, life insurance, disability coverage, employee assistance program, other life and work wellbeing benefits. Learn more about our benefits at in the Culture Tab on nature.org/careers.

We’re proud to offer a work-environment that is supportive of the health, wellbeing, and flexibility needs of the people we employ!