Your Background & Skills

• Strong working knowledge of diverse IT systems and information security fundamentals.
• Working knowledge of networking concepts, vulnerability, and industry security technologies such as endpoint protection and network/device monitoring
• At least 3 years’ experience in information security, digital security principles, and safe computing practices.
• Very strong verbal, written, and listening communications skills (in English).
• Ability to work independently on assigned efforts
• Strong interpersonal skills as well as experience developing solid professional relationships.
• Broad training experience working with staff with limited technical knowledge.
• Ability to travel (pending global COVID-10 pandemic development)
• Familiar with both commercial and open-source digital security tools.
• Ability to work under pressure and manage multiple activities.

Preferred

• Existing, trust-based relationships with a wide array of stakeholders working for civil society organizations, human rights organizations, and independent media or any relevant experience
• Bachelor’s degree in Information or Computing sciences.
• Familiarity with at least one industry recognized security framework like NIST, ISO27000, CIS and/or CSO community driven SAFETAG framework.
• Fluency in Spanish and/or Russian and/or Arabic and/or French.

Your Daily Tasks

• Plan, manage and conduct organizational assessment, provide guidance, training, mentoring, and support on information security issues and topics to project beneficiaries.
• Draft Organizational Security and Risk Needs Assessment (OSRNA) report geared towards non-technical audience in mind.
• In collaboration with the Senior Technical Advisor/Project Director and/or Deputy Project Director, develop organizational action plan steamed from OSRNA findings and in consultation with beneficiary organization leadership, to help improve beneficiary security posture per organizational assessment findings.
• Lead building efforts with assigned beneficiaries’ of security awareness program, ensuring that beneficiaries learn, internalize, use, and propagate appropriate information security practices.
• Draft and update documentation, including policies, procedures, baselines, guidelines, etc.
• Write technical and programmatic reports on the activities and the program implementation
• Participate in conferences, trainings, and other events as needed.
• With supervision, provide input to internal/external reports, presentations, and other products.
• Contribute to monitoring and evaluation activities including data management and analysis if assigned.
• Draft correspondence with stakeholders. Guidance and/or approval before engaging stakeholders may be required.
• Perform additional duties as assigned.