About Us:
We are a small, fully remote nonprofit organization focused on gender equity. Our team of 7 staff members are mostly part-time and work from home on personal devices. Our systems are built primarily on Google Workspace for Nonprofits. Our website security is managed by a third-party vendor.
Role Overview:
We are seeking a security consultant to help us assess our security posture and implement practical, common-sense policies for our remote team. The focus will be on email, app security, and staff practices - helping prevent phishing attacks, ensuring 2FA adoption, and establishing repeatable security processes appropriate for a small nonprofit.
Key Responsibilities:
- Conduct a security assessment tailored to a small, fully remote team.
- Identify vulnerabilities in email, app access, and general device usage.
- Develop and document clear, actionable security policies for staff.
- Recommend and assist with implementation of best practices (e.g., 2FA, password management, phishing awareness).
- Provide prioritized recommendations that balance security with usability for a small team.
- Possibly design and deliver training and resources for non-technical staff.
Qualifications:
- Experience consulting for small nonprofits, small businesses, and/or fully remote teams.
- Deep knowledge of Google Workspace security features and best practices.
- Experience developing security policies, procedures, and staff training.
- Ability to communicate technical concepts in plain language.
- Familiarity with compliance or data protection requirements relevant to nonprofit data is a plus.
Project Scope & Engagement:
- One-time assessment with optional implementation support.
- Flexible timeline, ideally starting April 20.
- Expected project duration: 1-3 months.
- Remote engagement; asynchronous collaboration supported.
To Apply:
Please provide a brief description of your relevant experience, examples of past work with small or remote teams, and a proposed approach for helping a nonprofit improve its security posture.