Information Security Manager, Information and Media Practice at IREX

Skills & Experience – Required

• Bachelor's degree in Computer Information Systems, Management Information Systems, or Computer Science.
• Minimum 3 - 5 years’ experience in information security, digital security principles, and safe computing practices.
• Strong working knowledge of diverse IT systems and cybersecurity fundamentals.
• Working knowledge of networking concepts, vulnerability, and industry security technologies such as endpoint protection and network/device monitoring
• Ability to work independently on assigned efforts.
• Strong interpersonal skills as well as experience developing solid professional relationships.
• Broad training experience working with staff with limited technical knowledge.
• Familiar with both commercial and open-source digital security tools.
• Ability to work under pressure and manage multiple activities.
• Proven experience managing multiple complex programming in a demanding, time-sensitive work environment.
• Experience conducting cybersecurity assessments and ability to proficiently articulate findings in the English language.
• Strong problem-solving skills and demonstrated flexibility to meet program outcomes.
• Strong representational and organizational skills.
• Proficient in Microsoft Office products
• Speaking, reading, and writing proficiency in English is required. Excellent written and spoken English.
• Excellent cross-cultural and interpersonal communication skills.
• Self-motivated and result oriented.
• Must demonstrate valid proof of unrestricted authorization to work in a country where this position is based.

Skills & Experience – Preferred

• Existing, trust-based relationships with a wide array of stakeholders working for civil society organizations, human rights organizations, and independent media or any relevant experience.
• Familiarity with Center for Internet Security, Critical Security Controls (CIS CSC v8), or at least one industry-recognized security framework like NIST, ISO27000, and/or CSO community-driven SAFETAG framework.
• Experience with the development of educational programs in security awareness.
• Possess Certified Information Systems Security Professional (CISSP) or other information systems security certifications.

Your Daily Tasks

• Draft OSRA reports geared towards a non-technical audience in mind.
• Plan, manage, and conduct Organizational Security Risk Assessments (OSRA), provide guidance, training, coaching, mentoring, and support on cybersecurity issues and topics to beneficiaries per projects outlined activities and objectives.
• Develop organizational Action Plans (APs) driven by OSRNA findings in consultation with beneficiary organization leadership helping improve beneficiary security postures.
• Develop, lead, implement, and coordinate Security Awareness Programs (SAPs) with beneficiary organizations.
• Draft, help develop, or review documentation including processes, procedures, and policies.
• Write technical and programmatic reports on the activities and the program implementation.
• Participate in conferences, organize trainings, and other events as needed and requested.
• With supervision, provide input to internal/external reports, presentations, and other products.
• Contribute to monitoring and evaluation activities including data management and analysis if assigned.
• Draft correspondence with stakeholders. Guidance and/or approval before engaging stakeholders may be required.
• Perform additional duties as assigned by DPD/STA II.
• Maintain communications and relationships with beneficiary organizations.
• Support DPD as instructed in developing partnerships and new business initiatives
• Perform additional duties as assigned.