• You will be responsible for leading the continuous improvement of the vulnerability management process throughout the software development lifecycle, defining and structuring workflows, roles, and prioritization criteria that link vulnerability discovery to remediation. • Your role will guide decisions on process efficiency and scalability based on strong technical experience and a broad process and systems perspective, acting as the link between technical teams, security leadership, and governance. • Structure and advance the Vulnerability Management program, ensuring integration with technical teams and security governance. • Define and apply a technical risk-based prioritization model that accounts for severity, exploitability, exposure, and business context. • Develop dashboards and metrics for executive and operational monitoring of vulnerability exposure. • Standardize technical inputs to support formal risk, exception, and risk-acceptance processes together with the GRC team. • Orchestrate forums and recurring rituals to track vulnerabilities with multidisciplinary teams.

Role Description We are seeking a Risk Engineer with strong technical acumen and practical experience in the vulnerability management space to design, prioritize, and enable risk-reducing technical solutions across complex cloud and enterprise environments. As a Cyber Security Engineer, you should have a strong technical background and demonstrate experience in vulnerability management, security architecture, and control engineering. This role emphasizes solution engineering over process engineering—using vulnerability intelligence, risk frameworks, policies, and controls as inputs to architect practical, automatable, and scalable technical safeguards. - Engineer technical vulnerability risk solutions that reduce operational, cyber, and resilience risk through architecture, automation, and control design. - Translate vulnerability risk requirements, policies, and standards into implementable technical patterns, guardrails, and reference architectures. - Prioritize and influence solution design decisions based on risk impact, blast radius, and recovery dependencies. - Partner with platform, cloud, security, and SRE teams to embed risk controls directly into infrastructure and pipelines. - Evaluate control effectiveness using technical signals and evidence, not just procedural compliance. - Support initiatives such as vulnerability discovery, exposure analysis, remediation workflow design, secure cloud architectures, isolated recovery environments, identity and access hardening, and infrastructure resilience. - Provide technical guidance on risk tradeoffs, recovery sequencing, and dependency-aware system design. - Work across broad vulnerability management capabilities, including scanners, asset and exposure data sources, prioritization models, remediation tracking platforms, exception workflows, and executive risk reporting. - Contribute to lightweight process definition where needed—but always in service of enabling better technical outcomes. Qualifications - Bachelor's Degree in Computer Science, Cybersecurity, Information Systems, Software Engineering, or a related technical field. - Master's Degree in a related field is preferred. - 7+ years in engineering, security engineering, platform engineering, SRE, vulnerability management, or technical risk roles. - Proven ability to design and influence technical solutions across cross-functional teams. - Hands-on experience with vulnerability management practices, including discovery, prioritization, remediation coordination, exception handling, and risk reporting. - Demonstrated problem-solving skills, analytical thinking, and the ability to explain complex technical risk concepts to non-technical audiences without losing fidelity. - Ability to work independently and as part of a team, operating comfortably between engineering teams and risk stakeholders. Requirements - Strong understanding of how risk manifests in distributed systems, cloud platforms, and automation environments. - Infrastructure as Code experience using Terraform. - Configuration management and automation experience using Ansible. - Programming and scripting proficiency in Python. - Hands-on experience with cloud platforms, specifically Google Cloud Platform (GCP) and/or Azure. - Ability to design and implement scalable, automatable security controls and remediation workflows across enterprise technology stacks. Preferred Experience - Experience with CI/CD pipelines and policy-as-code implementation. - Knowledge of cloud IAM, networking, and control plane security. - Experience with backup, recovery, and resilience architectures. - Familiarity with observability, logging, and evidence automation for control validation. - Experience with vulnerability scanners, exposure management platforms, and remediation workflow tooling. - Knowledge of ITIL-based IT Service Management (ITSM) practices. - Familiarity with Agentic AI Frameworks for security automation use cases. Benefits - Immediate medical, dental, and prescription drug coverage. - Flexible family care, parental leave, new parent ramp-up programs, subsidized back-up child care and more. - Vehicle discount program for employees and family members, and management leases. - Tuition assistance. - Established and active employee resource groups. - Paid time off for individual and team community service. - A generous schedule of paid holidays, including the week between Christmas and New Year’s Day. - Paid time off and the option to purchase additional vacation time.

Role Description Hillel International seeks an Associate Vice President, Safety and Security to lead a high-impact, movement-wide portfolio focused on strengthening safety, security, preparedness, and crisis response across the Hillel movement. Reporting to the Senior Vice President of Campus Solutions, this leader will oversee the strategy, systems, partnerships, and implementation necessary to help Hillels create safe, welcoming, and resilient environments for Jewish students and campus communities. The AVP, Safety and Security will bring strong executive judgment, operational discipline, and the ability to work in a complex, fast-moving environment. This leader must be able to translate security expertise into practical guidance for campus Hillels, partner effectively with university leaders and law enforcement, and ensure that safety and security are integrated into Hillel’s broader work supporting Jewish students. This position is fully remote and open to eligible candidates in the United States. Travel Expectations: This role requires travel approximately once per month (10-20%, depending on the time of year). What You’ll Do - Safety and Security Strategy - Lead Hillel International’s national safety and security strategy across the Hillel movement. - Oversee implementation of Hillel’s multi-year Safety and Security Implementation Plan, including staffing, budget, grants, assessments, and field support. - Create a scalable framework that balances movement-wide consistency with the unique realities of each campus and local Hillel. - Serve as a senior advisor to Hillel International leadership on safety, security, risk, preparedness, and crisis response. - Standards, Readiness, and Accountability - Lead the rollout and ongoing refinement of Hillel’s Recommended Minimum Safety and Security Standards. - Oversee baseline surveys, annual audits, threat and vulnerability assessments, and recurring security reviews. - Ensure Hillels have access to clear tools, templates, training resources, implementation guides, and direct support. - Build systems to track readiness, identify gaps, prioritize high-risk campuses, and measure progress over time. - Crisis Response, Training, and Field Support - Develop and oversee a reliable crisis-response and on-call structure for urgent incidents, threats, protests, disruptions, and other evolving situations. - Provide strategic guidance to Hillel professionals navigating security concerns, campus climate challenges, and coordination with universities and law enforcement. - Support campus Hillels in developing emergency response plans, incident protocols, event security plans, communication plans, and continuity plans. - Develop and oversee a national training strategy for Hillel professionals, student leaders, boards, and campus partners. - Partnerships, Resources, and Leadership - Oversee Hillel’s safety and security grant strategy, including support for training, preparedness, and physical security improvements. - Serve as a key liaison with security partners, university leaders, law enforcement, Jewish communal organizations, and emergency management professionals. - Partner across Campus Support, Legal, Communications, Development, Finance, HR, Field Operations, and other Hillel International teams. - Lead staff, consultants, vendors, trainers, and external partners with sound judgment, discretion, and calm leadership in high-stakes moments. Qualifications - Significant senior-level experience in safety, security, emergency management, law enforcement, military, campus safety, Jewish communal security, nonprofit security, or a related field. - Demonstrated ability to develop and implement safety, security, emergency preparedness, or risk management strategies across complex, multi-site systems. - Experience navigating high-stakes incidents, urgent threats, reputational risk, and crisis situations with sound judgment, speed, discretion, and coordination. - Strong understanding of campus dynamics, Jewish communal life, antisemitism, protest activity, targeted harassment, and threats facing Jewish students and institutions. - Ability to build trust with campus professionals, executives, boards, funders, university leaders, law enforcement, communal partners, and internal teams. - Excellent communication skills, with experience developing training, protocols, standards, and systems to track readiness, measure progress, and communicate impact. - Bachelor’s degree required. Advanced degree or relevant certifications preferred. Requirements - Willingness to travel domestically once a month; occasional international travel may be required. Benefits - Competitive salary in the nonprofit marketplace. The salary range for this role is $145,000 to $165,000. - This position is fully remote and open to eligible candidates in the United States. - A comprehensive benefits package, including health insurance, retirement plan, Life, AD&D, and Long-Term Disability insurance, Flexible Spending Accounts, generous vacation and sick time, and parental leave. - The opportunity to shape a critical national strategy at a defining moment for Jewish students and Jewish campus life.

• Contribute to architecture, design, and implementation reviews for new features, services, platform changes, and cloud initiatives. • Support pragmatic threat modeling and secure-by-design practices across APIs, services, data flows, workloads, and platform components. • Advise engineering teams on application security, cloud and infrastructure security, and secure software supply chain topics. • Help teams make sound security trade-offs and support remediation on complex or high-priority topics. • Contribute to the security of AI-related product capabilities, including model, pipeline, data flow, and integration considerations. • Assess technical security risks related to internal AI usage, including data exposure, acceptable use, and vendor-related concerns, in partnership with the GRC function where relevant. • Identify practical opportunities to leverage AI in security workflows, including threat analysis, remediation support, security reviews, and compliance-related automation. • Bring strong technical depth to security and risk discussions by helping identify realistic attack paths, assess practical impact and likelihood, and translate findings into pragmatic remediation priorities. • Partner with the GRC function to ensure risk assessments are supported by strong technical input and connected to concrete engineering actions. • Explain risks, trade-offs, and recommendations in a way that drives action across engineering and cross-functional teams. • Make secure practices easier to adopt through clear guidance, repeatable patterns, automation, and pragmatic support. • Contribute to improving and evolving our security tooling, in close collaboration with SecOps, with a focus on making security signals, posture insights, and remediation workflows more useful for Security and Engineering teams. • Develop use cases, dashboards, workflows, and integrations that help teams better understand, prioritize, and remediate security issues.