IREX

Information Security Specialist

Remote
Part Time
Student (College)

ABOUT IREX

 

IREX is an independent nonprofit organization dedicated to building a more just, prosperous, and inclusive world by empowering youth, cultivating leaders, strengthening institutions, and extending access to quality education and information.

POSITION SUMMARY

 

The Information Security Specialist, under the supervision of the Project Director/Deputy Project Director, will be hired as a consultant to perform some or all activities including (1) conducting and writing organizational cybersecurity risk assessments, (2) OSINT analysis, (3) vulnerability assessments, (4) pen testing, (5) Center for Internet Security Controls (CIS Controls v8) and/or industry-recognized security frameworks like NIST, ISO27000:2018 series, and/or CSO community-driven SAFETAG framework, (6) and developing and delivering Security Awareness Programs (SAP) and ad-hoc trainings in coordination with beneficiary organizations’ needs.

 

IREX will prioritize candidates whose native language(s) are either Hindi, Spanish, Arabic, Russian, or French with experience working on information security, particularly organizational cybersecurity. However, all candidates who can perform the above-mentioned tasks are encouraged to apply regardless of language abilities. Consultant(s) will be hired on a rolling basis based on project needs.

 

Please note this position is based on the project's needs, with an expected approximate engagement between 20 and 100 days per year, pending the consultant’s technical skills and qualifications to fulfill the required tasks.

 

DUTIES AND RESPONSIBILITIES

 

  • Plan, manage, and conduct organizational assessments, provide guidance, training, mentoring, and support on information security issues and topics to project beneficiaries. 
  • Draft Organization Security Risk Assessment (OSRA) reports geared towards non-technical audiences.
  • In collaboration with the Senior Technical Advisor/Project Director and/or Deputy Project Director, develop organizational Action Plans (APs) based on OSRA findings and in consultation with beneficiary organization executive leadership to help improve beneficiary security postures rooted in organizational assessment findings. 
  • Lead design efforts with assigned beneficiaries on tailored Security Awareness Program (SAP), ensuring that beneficiaries learn, internalize, use, and spread appropriate information security practices.
  • Lead design of specially designed training as needed. 
  • Collaborate with SOC team members on services specifically designed for beneficiaries.
  • Develop, draft, and update documentation, including policies, procedures, baselines, guidelines, etc. in collaboration with beneficiary organizations. 
  • Write technical and programmatic reports on activities and program implementation. 
  • With supervision, provide input to internal/external reports, presentations, and other products.
  • Contribute to monitoring and evaluation activities including data management and analysis, as assigned.
  • Draft correspondence with stakeholders. Guidance and/or approval before engaging stakeholders may be required.
  • Perform additional duties as assigned.

SKILLS AND EXPERIENCE

  • Strong working knowledge of diverse IT systems and information security fundamentals.
  • Working knowledge of networking concepts, vulnerability, and industry security technologies such as endpoint protection and network/device monitoring.
  • At least 3 years of experience in information security, digital security principles, and safe computing practices.
  • Very strong verbal, written, and listening communication skills (in English).
  • Ability to work independently on assigned efforts.
  • Strong interpersonal skills as well as experience developing solid professional relationships.
  • Broad training experience working with staff with limited technical knowledge.
  • Familiar with both commercial and open-source digital security tools.
  • Ability to work under pressure and manage multiple activities.

 

Preferred:

  • Existing, trust-based relationships with a wide array of stakeholders working for civil society organizations, human rights organizations, and independent media or any relevant experience.
  • Bachelor’s degree in information or computing sciences.
  • Familiarity with Center for Internet Security Controls (CIS Controls v8) or at least one industry-recognized security framework like NIST, ISO27000:2018 series, and/or CSO community-driven SAFETAG framework.
  • Fluency in Hindi, Spanish, Arabic, Russian, or French

 

To apply, please submit a full CV, a separate document summarizing relevant experience, and a proposed daily rate (in $ USD).

 

IREX may, at its discretion, ask for additional information, including references. Issuing this call does not commit IREX to select any applicant/expert. IREX may hire more than one applicant/expert from this call. IREX reserves the right, based on the availability of funding and consultant performance, to increase the duration and/or enter into subsequent contractual agreements with the selected candidates without re-publicizing the opportunity.

 

Prior to any engagement, you will be asked to provide references. IREX will not extend an offer until the reference check is completed.

 

IREX conducts anti-terrorism database clearances on candidates who accept employment offers.

IREX is committed to a diverse and inclusive workplace and inclusive hiring practice. IREX is an equal-opportunity employer.

 

NO PHONE CALLS PLEASE

AA/EOE/M/F/Vet/Disabled

Share

Apply for this position

Required*
Apply with Indeed
We've received your resume. Click here to update it.
Attach resume or Paste resume
Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or Paste resume

Paste your resume here or Attach resume file

Human Check*