Head of Security

Overview:

Crisis Text Line provides free, 24/7, high-quality text-based mental health support and crisis intervention by empowering a community of trained volunteers to support people in their moments of need.

Our mission is at the intersection of empathy and innovation — we promote mental well-being for people wherever they are.

Our vision is an empathetic world where nobody feels alone.

Why you should join our team: 

• Our work is transforming the way people in pain access support at their fingertips
• Our work is innovative in the crisis response space
• Our dynamic, fun, and diverse culture
• Our meaningful cause, led by empathy and innovation
• Our strong values at the center of all we do
• Our commitment to diversity, equity and inclusion
• Our commitment to engagement and belonging
• Our commitment to our employees and their holistic wellbeing
• Our  value of work/life balance
• Our growth mindset and prioritize professional development
• Our leaders who truly care

What you'll be doing:

The Head of Security is responsible for establishing and driving our security strategy across our company, our service, and our software platform.  This strategy will ensure our operations, software, data, and execution are well-protected and compliant with global information security perspectives. This role involves identifying, developing, implementing, and maintaining tools and processes to reduce information security risks. This role will own our IT team to drive corporate security, and will work directly with our software engineering and product teams to ensure platform security.

Responsibilities:

Crisis Text Line is a fast moving, growing organization with a big vision and a critical mission. To serve our mission and vision, each role must be agile and flexible to meet the needs of the business, aligning  daily work with business priorities as defined by managers and team leaders.

Strategy and Leadership

• Develop and implement a strategic, long-term information security plan that aligns with business goals.
• Design, implement, and maintain a comprehensive security program to safeguard corporate assets, infrastructure, and data.
• Lead a team of security professionals, including hiring, training, mentoring, and evaluating staff.
• Establish and enforce security policies, standards, and guidelines for IT systems.
• Work closely with executive management to determine acceptable levels of risk.

Risk Management and Compliance

• Conduct risk assessments to identify security vulnerabilities and threats, and prioritize mitigation efforts.
• Develop incident response plans, including strategies for communication, investigation, and resolution.
• Lead the organization’s response to security incidents and breaches.

Security Operations

• Oversee the monitoring and analysis of potential security threats and vulnerabilities.
• Implement and manage security tools, such as firewalls, intrusion detection systems, anti-virus software, and authentication systems.
• Ensure the security of cloud services, data centers, network infrastructure, and end-user devices.
• Conduct regular security audits, penetration testing, and vulnerability assessments.

Education and Awareness

• Develop and deliver security training programs for employees at all levels.
• Foster a culture of security awareness and encourage proactive incident reporting.

Qualifications:

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field or equivalent work experience 
• 10+ years of experience in information security, including at least 5 years in a leadership role.
• Direct experience at companies shipping software platforms to customers.
• Proven experience in developing and implementing security strategies.
• In-depth knowledge of cybersecurity trends, threats, and mitigation strategies.
• Excellent leadership, communication, and organizational skills.
• Experience with security technologies and cloud security solutions.
• Experience in organizations which need to comply with SOC2, HIPAA, and GDPR etc

Reliable High-Speed Internet Required: Must have a stable high-speed internet connection to support seamless remote collaboration, virtual meetings, online job tasks, etc.

The full salary range for this position, across all United States geographies, is ($198,440 - $268,310 per year. The upper portion of the salary range is typically reserved for existing employees who demonstrate strong performance over time. Starting salary will vary by location, qualifications, and prior experience; during the interview process, candidates will learn the starting salary range applicable for their location. We pay competitively in the tech-forward nonprofit space and offer a robust benefits package.

Only candidates in the following states will be eligible for employment: CA, CO, CT, FL, GA, HI, IL, IN, IA, MD, MA, MI, MO, NJ, NM, NY, NC, OH, PA, TN, TX, UT, VA, WA.

Benefits:

Crisis Text Line employee  benefits are thoughtfully designed using an equity lens, acknowledging that we are all unique human beings with individual life circumstances that require flexibility and support. 

 Benefits include: 

• 20 paid holidays including:
• Federal  holidays like Juneteenth and Labor Day
• Election day
• Holiday break from Dec 24  through January 1
• 2 renewal days 
• 2 floating holidays  
• Flexible  paid time off, including: 
• 15 vacation days
• 3 personal days
• 7 sick days 
• Medical, dental, and vision benefits for the staff member and family at no cost to the employee
• 403B retirement plan (the nonprofit equivalent of a 401K): 3% contribution by Crisis Text Line to support building financial wellness,  regardless of personal contribution
• 12 weeks paid parental leave (after 6 months of employment)
•  Student loan repayment (after 2 years of continuous full time service)
• Family support through a virtual childcare platform
• Stipends/Allowances
• Mental health  (Monthly) 
• Internet Service (Monthly) 
• Professional Development (Annual)
• Wellness (Annual)
• Home office setup (One time/First year)

(Benefits are only for US-based employees. International benefits may differ).

Crisis Text Line is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. We provide reasonable accommodation to individuals who have a disability and meet the skill, experience, education, and other job-related requirements of the role to allow the individual to perform the essential functions of the job.