IT Security Administrator

Mercy Corps

Location: Portland OR

Position Status: Full-time, Exempt, Regular

Minimum Starting Salary: $80,000 commensurate with experience

About Mercy Corps

Mercy Corps is powered by the belief that a better world is possible. To do this, we know our teams do their best work when they are diverse and every team member feels that they belong. We welcome diverse backgrounds, perspectives, and skills so that we can be stronger and have long term impact.

The Information Technology Department Summary

The Information Technology Department ensures that Mercy Corps’ global workforce has the infrastructure, security, support, and technology they need to fulfill their critical missions.

The Position (IT Security Administrator)

The IT Security Administrator will work to strengthen the agency’s overall cybersecurity posture. This person will be a member of the Information Security team, leading on developing and maintaining global information security policies. This position will have a significant role in the formation and implementation of a global information security program based on the Center for Internet Security (CIS) controls and protocols. They will also develop, implement and maintain a Privilege Access Management system, acting as the subject matter expert providing the first line of support throughout the agency. The IT Security Administrator will work with our cybersecurity partner to oversee various services provided such as Threat Hunting and Response, Continual Vulnerability Scanning and Mitigation. This person will respond to all cyber security incidents, investigations, mitigations and reporting. This person will also work with M365 and SharePoint administrators to ensure effective security practices are in place around data access and sharing. This position must have a strong understanding of the security implications of Identity management and SSO technology.

This person should have a strong background in systems / network administration to provide backup support for network infrastructure administration including support of Linux and Windows servers. They will work to improve the availability, supportability, security of servers, networks, and applications, contribute in developing and administering Mercy Corps cloud hosted platforms.

Essential Responsibilities

  • Develop and implement Global Information Security policies and protocols based on CIS controls.
  • Monitor, report, and respond to security alerts in the M365/Intune environment (such as reporting around non-compliant devices, devices that are not encrypted, or other security related alerts / reports in our M365 tenant)
  • Determine security violations and vulnerabilities by conducting periodic audits.
  • Identify, report on and mitigate risk within the Mercy Corps Information Technology ecosystem
  • Implement security improvements by assessing current situations, evaluating trends, and anticipating requirements.
  • Improves system security by implementing and managing security controls
  • Prepare reports and action plans during security events
  • Reviews and coordinates remediation of vulnerabilities identified in Security Scans
  • Provide back-up support for administering and maintaining network equipment, including firewalls, routers, and switches.
  • Provide backup support for Virtual environments including computer storage and networking.
  • Ensure secure operation of all servers and services through the use of security and encryption tools such as SSH and SSL.
  • Monitor system logs and activity on all servers.
  • Document and log all changes to system software and configurations.
  • Identify, maintain, and use software tools for network operations and management as necessary.
  • Provide technical support for source code control system and issue tracking system.

Supervisory Responsibility



Reports Directly To: Director, Global Infrastructure and Support

Works Directly With: Data Protection and Privacy Team, Data Services Team, Global Security Team

Accountability to Participants and Stakeholders

Mercy Corps team members are expected to support all efforts toward accountability, specifically to our program participants, community partners, other stakeholders, and to international standards guiding international relief and development work. We are committed to actively engaging communities as equal partners in the design, monitoring and evaluation of our field projects.

Minimum Qualification & Transferable Skills

  • Bachelor’s degree in Computer Science or related field or equivalent experience.
  • Proven experience in IT policy and procedure documentation
  • Knowledge of Information Security Frameworks (CIS, NIST or other similar framework)
  • 2+ years experience in network security, threat protection and prevention
  • 2+ years experience with cloud hosted platforms
  • 5+ years experience with Linux server administration
  • 5+ years experience with Windows server administration (AD, DNS, Group Policy)
  • 2+ years experience with virtualization infrastructure, preferably VMware
  • 2+ years experience with network and wireless administration, preferably Cisco Meraki
  • Familiarity with version control system, preferably Git
  • Must have strong understanding of cloud computing architecture
  • Proficiency in one or more scripting or programming languages strongly desired
  • Familiarity with Identity Management Tools, Okta preferred

Success Factors

The IT Security Administrator will be able to work independently and collaboratively with multi-disciplinary teams. They will be an effective verbal and written communicator, and have the ability to prioritize and manage work according to critical project timelines. They will be highly organized, detail oriented, and able to put big ideas into a tangible form. They will have strong technical and analytical skills and be able to develop new approaches to complex integration and interfacing problems. A sense of humor is greatly appreciated.

Living Conditions / Environmental Conditions

This position will be based in Portland, OR. Remote work possible. Travel will be limited.

Equal Employment Opportunity

Mercy Corps is an equal opportunity employer that does not tolerate discrimination on any basis. We actively seek out diverse backgrounds, perspectives, and skills so that we can be collectively stronger and have sustained global impact.

We are committed to providing an environment of respect and psychological safety where equal employment opportunities are available to all. We do not engage in or tolerate discrimination on the basis of race, color, gender identity, gender expression, religion, age, sexual orientation, national or ethnic origin, disability (including HIV/AIDS status), marital status, military veteran status or any other protected group in the locations where we work.

Safeguarding & Ethics

Mercy Corps is committed to ensuring that all individuals we come into contact with through our work, whether team members, community members, program participants or others, are treated with respect and dignity. We are committed to the core principles regarding prevention of sexual exploitation and abuse laid out by the UN Secretary General and IASC and have signed on to the Interagency Misconduct Disclosure Scheme. We will not tolerate child abuse, sexual exploitation, abuse, or harassment by or of our team members. As part of our commitment to a safe and inclusive work environment, team members are expected to conduct themselves in a professional manner, respect local laws and customs, and to adhere to Mercy Corps Code of Conduct Policies and values at all times.

As a safeguarding measure, Mercy Corps screens all potential US-Based employees. Any offers of employment or continued employment are dependent on the successful completion of the screens which include, but are not limited to our Background Check and Interagency Misconduct Disclosure Scheme processes,

Diversity, Equity & Inclusion

Achieving our mission begins with how we build our team and work together. Through our commitment to enriching our organization with people of different origins, beliefs, backgrounds, and ways of thinking, we are better able to leverage the collective power of our teams and solve the world’s most complex challenges. We strive for a culture of trust and respect, where everyone contributes their perspectives and authentic selves, reaches their potential as individuals and teams, and collaborates to do the best work of their lives.

Ongoing Learning

In support of our belief that learning organizations are more effective, efficient and relevant to the communities we serve, we empower all team members to dedicate 5% of their time to learning activities that further their personal and/or professional growth and development

Covid-19 Vaccine Policy for US-Based Employees

Mercy Corps has determined that, in an effort to protect the health, safety, and well-being of all Mercy Corps employees working in the United States, all U.S.-based employees must be fully vaccinated for COVID-19, regardless of prior COVID-19 infection status.

This policy will be revised as needed to comply with federal, state, and local requirements, and to respond to changing guidance from public health authorities.

For new employees this requirement goes into effect within 10 business days of employment. Team members that travel are expected to comply with host-country requirements, including vaccinations. Failure to comply may impact your employment. Proof of vaccination or exemption must be provided.

How to apply

Apply here