IREX is hiring a
Information Security Specialist in Worldwide

Summary

The Information Security Specialist will conduct cybersecurity assessments, OSINT analysis, vulnerability assessments, pen testing, and develop security awareness programs for IREX under the supervision of the Project Director/Deputy Project Director. The candidate should have strong IT systems knowledge, communication skills, and experience in information security.

Requirements

• Strong working knowledge of diverse IT systems and information security fundamentals
• Working knowledge of networking concepts, vulnerability, and industry security technologies such as endpoint protection and network/device monitoring
• At least 3 years of experience in information security, digital security principles, and safe computing practices
• Very strong verbal, written, and listening communication skills (in English)
• Ability to work independently on assigned efforts
• Strong interpersonal skills as well as experience developing solid professional relationships
• Broad training experience working with staff with limited technical knowledge
• Familiar with both commercial and open-source digital security tools
• Ability to work under pressure and manage multiple activities

Responsibilities

• Plan, manage, and conduct organizational assessments, provide guidance, training, mentoring, and support on information security issues and topics to project beneficiaries
• Draft Organization Security Risk Assessment (OSRA) reports geared towards non-technical audiences
• In collaboration with the Senior Technical Advisor/Project Director and/or Deputy Project Director, develop organizational Action Plans based on OSRA findings and in consultation with beneficiary organization executive leadership to help improve beneficiary security postures
• Lead design efforts with assigned beneficiaries on tailored Security Awareness Program (SAP), ensuring that beneficiaries learn, internalize, use, and spread appropriate information security practices
• Lead design of specially designed training as needed
• Collaborate with SOC team members on services specifically designed for beneficiaries
• Develop, draft, and update documentation, including policies, procedures, baselines, guidelines, etc. in collaboration with beneficiary organizations
• Write technical and programmatic reports on activities and program implementation
• With supervision, provide input to internal/external reports, presentations, and other products
• Contribute to monitoring and evaluation activities including data management and analysis, as assigned
• Draft correspondence with stakeholders. Guidance and/or approval before engaging stakeholders may be required
• Perform additional duties as assigned

Preferred Qualifications

• Existing, trust-based relationships with a wide array of stakeholders working for civil society organizations, human rights organizations, and independent media or any relevant experience
• Bachelor’s degree in information or computing sciences
• Familiarity with Center for Internet Security Controls (CIS Controls v8) or at least one industry-recognized security framework like NIST, ISO27000:2018 series, and/or CSO community-driven SAFETAG framework
• Fluency in Hindi, Spanish, Arabic, Russian, or French