Oxfam America operates across more than 75 countries, coordinating humanitarian aid, advocacy, and long-term development programs in active conflict and crisis zones including Gaza, Sudan, and East Africa. The organization is part of the Oxfam International confederation, which means its security posture isn't just about protecting internal corporate assets - it's about safeguarding the data and communications of vulnerable populations, field staff operating in high-risk environments, and partner organizations on the ground. The threat model here includes nation-state actors, surveillance infrastructure deployed against civil society, and adversarial conditions that most enterprise security teams never have to consider.
For cybersecurity practitioners, the operational context matters: Oxfam America mobilizes millions of people annually and advocates on politically charged issues - economic justice, gender equality, climate action. That visibility, combined with work in regions with active hostilities, creates a threat surface that extends well beyond the typical nonprofit IT environment. Protecting field communications, donor data, and advocacy infrastructure under these conditions demands serious technical rigor.
The organization partners with local communities and allies worldwide, which means security considerations span partner ecosystems - not just the org's own perimeter. Teams here work at the intersection of mission-critical operations and real-world risk, where the consequences of a breach aren't abstract. This is cybersecurity applied to some of the most consequential work happening on the planet, in contexts where the adversary is often state-level and the stakes are measured in human safety.





