IT and Digital Security Consultant

1. Background

Protection International (PI) is an international not-for-profit organisation registered in Belgium. PI stands for the right to defend rights and for freedom from attacks to those who defend them. PI tailors its approach to each context and profile of defenders we support.

PI relies on an external Managed Service Provider (MSP) to manage its daily IT operations, including endpoints, servers and services. PI requires a highly skilled consultant to occasionally coordinate with the MSP and advise the Management Team on an ad-hoc basis for strategic IT oversight and recommendations.

2. Objective & Working Modality

The Consultant will respond to specific requests from the Management Team or escalations from the MSP, focusing on strategic direction, policy changes, and security incident management rather than daily administration.

3. Scope of Work and Priorities

High Priority: Strategic Oversight, Incident Support & MSP Coordination

• Strategic Advice: Provide ad-hoc recommendations and strategic guidance to the Management Team regarding IT and Digital Security (DS) matters, including the identification of future resource needs.
• MSP Coordination: Act as an escalation point and strategic sounding board for the existing MSP. Occasionally review and validate proposed changes to the IT infrastructure or services to ensure they align with PI’s organizational values and IT guiding principles.
• Incident Management: Serve as a senior advisor during significant digital security breaches or threats, providing expert guidance on mitigation, response strategies, and improvements for country offices’ IT infrastructure.
• Policy Review: Review, recommend, and assist in drafting updates to digital security policies and guidelines to support data privacy, information security, and organizational compliance.
• Security Culture: Advise on and support light-touch initiatives to maintain a security-aware culture across PI’s offices.

Low Priority: Digital Security Curriculum Support and website

• Curriculum Input: Upon request, offer occasional feedback or technical input on PI’s digital security curriculum for the protection of Human Rights Defenders (HRDs), ensuring measures remain relevant, sustainable and affordable.
• Threat Assessment: Occasionally evaluate emerging digital security trends and threats to advise the team on potential updates to training materials or knowledge-sharing practices.
• Technical Insight: In rare instances, the consultant may be asked to provide technical insight or background information to support PI’s advocacy and communication efforts concerning data protection and digital security public policies.
• Website Advice: The consultant may be asked to give strategic technical advice to ensure the PI website remains secure, well-maintained, and technologically sound, occasionally liaising with external web developers or the communications team.

4. Required Profile and Qualifications

Education & Experience

• Relevant university degree in Information Technology, Cybersecurity or Computer Science
• Minimum of 5-7 years of experience in senior IT management, IT consulting, or as a fractional CIO/CISO.
• Experience interacting or collaborating with external IT vendors and Managed Service Providers (MSPs) a plus
• Solid understanding of the non-profit sector; previous experience working with human rights organizations or knowledge of the specific digital security threats facing Human Rights Defenders (HRDs) is a strong asset.

Knowledge & Skills

• Good understanding of IT environments, cloud services (XaaS), basic cybersecurity concepts, and practical IT risk assessment.
• Highly autonomous and flexible, with the ability to manage a low-hour, ad-hoc workflow efficiently.
• Ability to review IT architecture and policies with a critical eye toward cost-efficiency, sustainability, and organizational values.
• Awareness of the environmental impact of IT services and motivation to recommend ecologically responsible solutions.

Languages

• Fluently spoken and written English is required.
• Good command of either Spanish or French (to support PI’s regional operations) is highly desirable.

5. Core & Functional Competencies

Given the ad-hoc, reactive nature of this consultancy, the ideal candidate should demonstrate:

• Advisory & Analytical Thinking: Ability to quickly digest technical escalations from the MSP, assess the organizational impact, and provide sound, practical recommendations to Management.
• Adaptability & Flexibility: Highly comfortable working on a fractional, low-hour basis, with the ability to pivot quickly when urgent security incidents arise.
• Effective Communication: Strong capacity to act as a bridge, conveying complex technical or security issues in simple, clear terms to non-technical staff and leadership.
• Pragmatism & Problem Solving: A focus on identifying digital security solutions that are affordable, sustainable, and realistic for the context of a global NGO and Human Rights Defenders.
• Collaborative Relationship Management: Capable of maintaining a positive, cooperative, and guiding relationship with the external MSP without micromanaging their daily operations.

6. How to Apply

Interested candidates are invited to submit their application to recruitment@protectioninternational.org with the subject line “Application: IT & DS Consultant”.

Please include the following in your application:

• A concise Curriculum Vitae (CV) highlighting your relevant experience and background.
• A brief Cover Letter detailing your interest in the role, your approach to a fractional/ad-hoc consultancy, and your expected hourly or daily rate.

Deadline: Applications will be reviewed on a rolling basis. As long as this advertisement remains online, the position is open and you are welcome to apply.