Director of IT Security & Privacy (Volunteer)

Description

Director of IT Security & Privacy (Volunteer)

PromiseStack | Product & Technology Division

Organization: Mentor A Promise (MAP)

Reports To: Chief Product & Technology Officer (CPTO)

Location: Remote with NYC-based collaboration as needed

Type: Volunteer

About Mentor A Promise

Mentor A Promise (MAP) is a NYC-based nonprofit serving children and youth ages 5–18 experiencing housing instability through mentorship, education, social-emotional learning, creative expression, publishing, housing innovation, and community-based programs. MAP stewards highly sensitive information related to children, families, volunteers, donors, and partners. Security and privacy are therefore foundational to trust, safety, and ethical operations.

About PromiseStack | Product & Technology

PromiseStack is MAP’s Product & Technology Division, responsible for the design, delivery, and governance of MAP’s digital products, platforms, data systems, and technology-enabled operations. PromiseStack ensures technology advances MAP’s mission while upholding ethics, accessibility, privacy, and operational resilience.

Role Overview

The Director of IT Security & Privacy is the senior leader responsible for security and privacy governance within PromiseStack. This role establishes and oversees information security, data protection, and privacy practices across MAP’s technology ecosystem—ensuring sensitive data is protected by design while enabling staff and volunteers to work effectively.

Reporting to the Chief Product & Technology Officer, the Director partners closely with Legal, Data & Evaluation, Operations, and Executive Leadership to embed security and privacy into product development, system architecture, and daily workflows.

Key Responsibilities

• Lead MAP’s organization-wide IT security and privacy strategy within PromiseStack
• Establish, maintain, and enforce security and privacy policies, standards, and procedures
• Assess and manage cybersecurity risks across platforms, tools, and vendors
• Oversee identity, access management, and permission structures
• Ensure secure, compliant use of Google Workspace and other core collaboration tools
• Partner with Legal and Data leadership on privacy, consent, and compliance requirements
• Define and coordinate incident response protocols for security or privacy events
• Investigate and manage security incidents with professionalism and discretion
• Provide guidance and training to staff and volunteers on security best practices
• Ensure security controls are proportionate, trauma-informed, accessible, and mission-aligned

Qualifications

• Experience in IT security, cybersecurity, information security, or data privacy
• Strong understanding of risk management, access control, and privacy principles
• Ability to translate technical requirements into clear, practical guidance
• Sound judgment when handling sensitive or confidential information
• Comfort working cross-functionally within product, legal, and operations environments
• Alignment with MAP’s mission and dignity-centered values

Preferred Skills

• Experience supporting nonprofit, education, healthcare, or youth-serving organizations
• Familiarity with privacy and data protection concepts (e.g., FERPA principles, data minimization)
• Experience securing cloud-based environments and collaboration tools
• Background in incident response planning or security audits
• Experience collaborating with product, legal, and data teams

Commitment

• Volunteer leadership role
• Approximately 5–10 hours per week
• Minimum 6-month commitment preferred
• Fully remote with optional NYC-based collaboration

What You’ll Gain

• Senior leadership experience within a Product & Technology division
• Direct responsibility for safeguarding children, families, and organizational trust
• Collaboration with executive leadership and cross-division partners
• Professional references and letters of recommendation
• The opportunity to build ethical, scalable, and human-centered security systems

How to Apply

Interested candidates should apply directly through Idealist and include their resume and cover letter.

Help protect MAP’s technology ecosystem—so innovation, trust, and dignity can grow together.

Thank you for your interest in volunteering with our organization. At this time, volunteer opportunities are limited to individuals based in the United States due to legal, safeguarding, data-privacy, and programmatic requirements. We appreciate your interest in our mission and your understanding of these constraints.