Director, IT Infrastructure and Security

Society for Science is a nonprofit organization dedicated to the advancement of science and scientific literacy. Since 1921, we have worked to educate and inspire the public about the vital role science plays in human progress.

We achieve this through two key areas: the award-winning journalism of Science News Media Group and three premier STEM research competitions: the Regeneron Science Talent Search, the Regeneron International Science and Engineering Fair, and the Thermo Fisher Scientific Junior Innovators Challenge.

A major focus of our work has been expanding access to STEM. For the past decade, we have built a comprehensive suite of STEM Outreach programs that bring authentic, high-quality STEM experiences to students in underserved communities across all 50 states and around the globe.

Position Overview

The Director of IT Infrastructure and Security is a new position at a growing organization responsible for designing, implementing, and maintaining the Society’s technology infrastructure while ensuring robust cybersecurity measures protect critical systems and data. This role combines strategic planning with hands-on oversight of infrastructure operations and security protocols.

The Director oversees all aspects of the Society’s IT infrastructure including servers, networks, cloud environments, data centers, and end-user computing. The Director will develop and execute security strategies to protect against cyber threats, ensure compliance with regulatory requirements, and establish disaster recovery and business continuity plans.

Reporting to the Chief Technology Officer, the Director will collaborate with other IT department leaders to align technological initiatives with the Society’s mission.

Job Responsibilities

Technology Strategy

• Develop and execute IT infrastructure and cybersecurity strategies aligned with the organization’s mission and CTO-defined best practices
• Lead digital transformation and technology modernization initiatives across the enterprise
• Provide strategic guidance to the CTO on technology investments, architecture decisions, and risk management
• Establish and maintain IT governance frameworks, policies, standards, and procedures
• Vet, approve, and manage AI-enabled productivity tools with a focus on security, privacy, and responsible use
• Foster a culture of continuous improvement, innovation, and professional development within the IT function

Infrastructure Operations and Security

• Supervise and mentor two direct reports and provide day-to-day leadership and performance guidance
• Oversee the daily operations, implementation, and maintenance of IT infrastructure, including networks, servers, cloud platforms, and end-user systems
• Serve as the technical escalation point for complex infrastructure and security issues
• Ensure high availability, disaster recovery, and business continuity planning for critical systems
• Establish service level agreements (SLAs) and monitor IT performance metrics to ensure reliable service delivery
• Manage vendor relationships and negotiate contracts for technology services, hardware, and software
• Secure the organizations IT infrastructure using policies and tools to protect against threats internally and in the cloud, manage firewalls, and monitor network traffic.
• Set up and oversee audio and video systems to support meetings, events, and organizational communications

Cybersecurity

• Design, implement, and maintain organization-wide security protocols, including threat detection, incident response, and vulnerability management
• Coordinate security incident response activities and escalate significant risks to the CTO as appropriate
• Conduct regular security assessments, penetration testing, and risk analyses in collaboration with third-party vendors
• Ensure compliance with applicable regulatory and security frameworks (e.g., GDPR, PCI-DSS, SOC 2)
• Develop and deliver cybersecurity awareness and training programs for employees across the organization

Technical Competencies

• Strong expertise in network security architecture and protocols, including TCP/IP, VPNs, SSL/TLS, DNS, and DHCP
• Proficiency in identity and access management (IAM), privileged access management (PAM), and multi-factor authentication solutions
• Hands-on experience managing and supporting internal IT infrastructure across on-premises and cloud environments
• Knowledge of encryption technologies and data loss prevention (DLP) solutions to protect sensitive information
• Experience conducting vulnerability assessments, penetration testing, and remediation planning
• Demonstrated capability in incident response coordination, security investigations, and digital forensics procedures
• Expertise in backup, disaster recovery, and business continuity solutions to ensure system resilience
• Understanding of database security and application security best practices
• Familiarity with AI technologies, including best practices for secure implementation, governance, and risk management

Qualifications

• Proven track record of developing and implementing enterprise IT strategies and security frameworks
• Strong understanding of security frameworks such as NIST, ISO 27001, CIS Controls, and Zero Trust Architecture
• Experience with Azure and Microsoft 365 cloud platforms security protocols and hybrid infrastructure management
• Expertise in managing security tools including SIEM, EDR, firewalls, IDS/IPS, and vulnerability management platforms
• Excellent leadership, communication, and stakeholder management skills
• Strong analytical and problem-solving abilities with a strategic mindset
• Familiarity with emerging technologies such as AI/ML security, blockchain, and IoT security

Required Education and Experience

• Bachelor’s degree required in Computer Science, Information Technology, Cybersecurity, or related field; Master’s degree preferred
• 5+ experience in IT management, with at least 3 years in cybersecurity
• 2-4 years of people management

Work Environment

• While performing the duties of this job, the employee usually works in an office setting. Our office is located in Washington, D.C. near the Dupont Circle and Farragut North Metro stations.  This role requires up to 15% of your time for travel and some weekend work for events and may involve physical tasks such as lifting up to 30lbs and setting up technical and AV equipment.  The Society is operating on a hybrid work schedule.

Position Type and Expected Hours

• This is a full-time, non-exempt position with a 37.5-hour work week. Normal business hours are Monday through Friday, 8:30 AM – 5:00 PM Eastern, with core hours of 10:00 AM – 3:00 PM Eastern.

Salary

• This salary range is $130,500 to $146,500

Physical Demands

• The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is regularly required to use hands and fingers to operate a computer and other office equipment.

How to Apply

• To be considered for this position please upload a professional resume and cover letter. Please apply through Applicant Pro:
  https://www.applicantpro.com/openings/societyforscience/jobs/4025109-560497

Additional Eligibility Qualifications

• Society for Science has mandated the COVID-19 vaccine for employees, as applicable. Exceptions to the vaccine requirement may be provided to individuals for religious beliefs or medical reasons.

Other Duties

• Please note this job description is not designed to cover every duty, responsibility and activity that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.