Background:
- IDWF is a global union federation headquartered in Geneva and operating in seven regions (Africa, Asia, the Caribbean, Europe, Latin America, North America, and the Middle East), with a staff of ~25 spread across countries and contexts.
- IDWF conducts a significant part of its operations virtually, including staff meetings, fiscal operations, collection and storage of membership data, and core activities.
- From September 2024 through February 2025, IDWF identified its core security risks and needs via initial digital security assessment which included several meetings with leadership, review of documents, and a comprehensive staff survey with 12 respondents across IDWF regions. This process helped identify the need for a comprehensive digital security process, specific gaps in organizational policy and protocols, and topics for staff training.
Position Overview
The International Domestic Workers Federation (IDWF) is seeking a digital security consultant to support the organization in (1) completing a comprehensive digital security audit and (2) designing and implementing strong digital security policies, protocols, and staff training.
Key responsibilities:
Digital security audit
- Review Dec 2024 digital security assessment
- Conduct additional interviews with IDWF staff to understand organizational tools, data, and device management (may include leadership, new staff, and representatives from different regions)
- Conduct a survey with Executive Committee members
- Update initial findings and draft plan for organizational practices and trainings
Organizational policies and practices
- Develop comprehensive digital security policies and practices for the organization, including for:
- internal and external communications
- data management
- device management
- travel safety
- financial processes
- With IDWF leadership, identify and implement key digital security tools (VPN, password manager, anti-virus software, etc)
Staff training
- Conduct staff training(s) on basic digital security, organizational policies, and digital security tools/tactics, including
- safe Internet and account access
- internal/external communications
- data management
- device management
- risk assessment, and emergency processes
- New security tools implemented during consultancy
Threat modeling workshop
- Design and conduct a workshop for IDWF staff (and ideally ExCo) on digital security risk assessment, threat modeling, and responses
- Share written guides for future use
- Update policies and practices as needed
Deliverables
- A comprehensive digital security audit report.
- A draft digital security policy document, revised based on consultation with IDWF staff.
- Digital security training materials and recorded training sessions.
- A report summarizing insights and outcomes from the threat modeling workshop.
- An orientation checklist for newcomers.
- A report with software recommendations.
- Recommendation, implementation and training for security tools and apps.
Qualifications
- Proven experience as a digital or holistic security professional, particularly in supporting organizers, human rights defenders, and/or NGOs.
- Deep understanding of contemporary digital security tools, best practices, risk assessment methods, and implementation strategies for organizations.
- Proven experience as a trainer (both virtual and in-person) for individuals new to digital security concepts and protocols.
- Ideally, experience in supporting remote organizations with staff across a wide range of countries, security contexts, and varying levels of digital/Internet access.
- Fluent in English, with excellent communication skills.
Working hours and location
- The consultant is expected to dedicate a minimum of 10 hours per week to work on the outlined deliverables. Additionally, the consultant should take the initiative to work flexibly with IDWF, accommodating the scheduling of other international events as well as the availability of the Executive Committee and staff. The consultancy period is anticipated to last for four to six months in 2025.Â
- This is a remote position. The candidate must have access to reliable internet and necessary equipment to perform the job effectively
Application
Interested candidates should submit their proposals, including a cover letter, CV, and examples of previous work related to digital security consulting, to the email address of [email protected] before 30 April 2025.
