TECH002: Chief Information Security Officer (CISO)

All JerseySTEM roles are pro-bono (unpaid) positions.

JerseySTEM is a mission-driven professional network of pro-bono contributors dedicated to improving access to STEM education and career pathways for underserved middle school girls in New Jersey.

Members contribute their professional skills and leverage their networks in service of the organization’s gender-equity agenda.

Membership is a minimum six-month commitment of approximately six flexible hours per week and includes a $100 refundable deposit, returned after six months of active membership. K–12 educators, retirees, veterans, interns, and students are exempt from the deposit.

This is a pro-bono position.

JerseySTEM is looking for experienced professionals to commit time and expertise as a long-term engagement in support of our mission to provide STEM education to underrepresented middle school girls.

The Chief Information Security Officer (CISO) provides strategic leadership for information security, cybersecurity risk, and data protection across the organization, working collaboratively with Technology, Data, and leadership. This is not a technical or operational role, but a governance and advisory role focused on policy, risk management, and organizational security awareness.

• Define and lead the JerseySTEM’s information security strategy to support and advance the organization's goals .
• Develop, implement, and maintain policies and procedures aligned with federal regulations appropriate for a nonprofit organization.
• Identify and assess cybersecurity risks from data, systems, and infrastructure. Work with stakeholders to communicate, manage, and mitigate risks.
• Partner with the JerseySTEM’s TECH team and leadership to ensure security is embedded in systems, tools, and workflows.
• Establish and oversee JerseySTEM’s security awareness and best practices. Develop the tailored training and communication for volunteers and team members.
• Continuously evaluate and improve defenses against evolving threats, including those driven by generative AI and adversarial ML techniques.
• Provide tailored guidance to JerseySTEM’s data custodians handling sensitive and/or regulated datasets. Ensure compliance with relevant security, privacy, and data protection principles appropriate for a nonprofit organization.
• Support and champion the JerseySTEM’s data classification.
• Participate in virtual meetings to align on organizational priorities and initiatives.
• Oversee cybersecurity incident response planning activities; investigate and manage response to security breaches as needed.

• A minimum of ten (10) years of progressive experience in information security, cybersecurity, or risk management leadership roles.
• Familiarity with the cybersecurity implications of artificial intelligence and machine learning.
• Strong understanding of security frameworks, controls, and best practices (e.g., risk assessment, access management, data protection).
• Ability to translate technical security concepts into clear guidance for non-technical stakeholders.
• Experience working with cross-functional teams in a collaborative environment.
• Strategic mindset with a hands-on, pragmatic approach.
• Excellent communication, judgment, and decision-making skills.
• Comfortable working in a fully remote, volunteer-driven organization.
• Commitment for 5–6 hours per week
  

  Preferred Qualifications

  • An advanced degree is preferred.
  • A retired professional is a plus.
  • Relevant certifications preferred (e.g., CISSP, CISM, CCSP, GIAC).
    
    
  This is a pro-bono volunteer position.