FULL-TIME JOB VACANCY
INFORMATION SECURITY TECHNOLOGIST
Information Security Program
Multiple Locations Considered
Application Deadline: 23 August 2022
The Information Security Program of Human Rights Watch (HRW) supports the organization in responding to near- and far-term security threats, incorporating security into our existing processes and architecting new ones, and ensuring that HRW makes informed decisions about the responsible use of technology.
The Information Security Program is seeking an Information Security Technologist to work on securing HRW’s IT systems, devices, and assets. This position will work closely with IT and stakeholders across HRW to ensure systems and processes have technical security controls in place that are responsive to our threat landscape while also meeting our operational, ethical, legal, and regulatory requirements.
The Technologist will work in collaboration with the Information Security team to monitor systems for compromise, conduct investigations and incident response. This position can be based in any office location with a preference for working hours that overlap with the US Eastern time zone. The Technologist reports to the Director for Information Security based in Berlin.
Due to COVID-19, many of our global offices are currently operating in reduced capacities. The successful candidate may be required to work remotely if local mandates necessitate. We recognize that this moment, during the pandemic, is a uniquely difficult time for most people, particularly those with caregiving responsibilities, and we aim to be as flexible and supportive as possible in both the recruitment for and onboarding of this position.
1. Guidance and Awareness:
– Develop, document, and provide guidance on security controls that are appropriate for the risks HRW staff face and support the unique requirements of their work;
– Promote a risk-aware culture across HRW by conducting information security trainings and awareness raising activities with staff; and
– Assist the information security director in providing security and safety advice as required to staff on the preparation and execution of higher-risk travel, or in conducting higher risk activities.
2. Incident Response – assist with incident handling, perform response and containment actions, collect digital forensics, and create detailed incident documentation.
3. Technology Evaluation – assist with performing research and evaluations of the software, hardware, and online services and platforms used by HRW.
4. Vulnerability Management – assist with evaluating and mitigating vulnerabilities within HRW systems and devices.
5. Threat Intel – assist with researching existing and emerging threats against HRW, and help create detection, mitigation, and response strategies.
6. Security Tools – assist with managing, operating, and automating the tools and platforms used to secure HRW’s systems and devices.
7. Collaboration – work with the Safety and Security team, IT, and HRW staff to resolve issues.
8. Documentation – create and maintain high-quality, accurate, and in-depth data and documents on information security processes, technologies, and/or related coverage areas.
9. Reporting – support the development of reports and key metrics of IT and information security programs.
10. Perform other duties as required.
A level of education that when combined with your professional experience will adequately show you have the capability to contribute meaningfully to HRW’s information security program.
Candidates who have relevant academic degrees or security certifications are encouraged to apply, but this is a plus – not a requirement.
Required Experience and Skills:
1. A minimum of 3 years of relevant professional security experience;
2. Hands-on experience with securing and defending Windows devices; experience with Apple devices strongly desired;
3. Knowledge of industry security controls, standards, and frameworks;
4. Working knowledge of the risks associated with human rights and/or civil society activism and/or journalism globally;
5. Experience with threat management and incident response including direct command of incidents, prioritization of findings, evidence collection, developing remediation strategies, and measuring those strategies;
6. Experience with information security risk management practices, including threat modeling, risk assessment, and/or digital security evaluations of tools, platforms, or workflows;
7.Ability to handle multiple projects simultaneously and adjust to changing priorities;
8. Ability to make progress independently toward short- and long-term projects;
9. Ability to work collaboratively with both technical and non-technical staff;
10. Ability to respectfully engage with people from different countries and cultures; and
11. Excellent organization, communication, and interpersonal skills.
Desired Experience and Skills:
1. Fluency or proficiency in additional languages;
2. Experience with Azure AD, Microsoft 365, and related apps and services;
3. Experience with a SIEM, preferably Azure Sentinel; and
4. Demonstration of a desire to share knowledge or research, such as through contributing to an open-source project or repo, speaking at a security conference, or writing blog posts or articles on technical subjects.
Salary and Benefits: HRW seeks exceptional applicants and offers comprehensive compensation and benefits. HRW can offer a relocation assistance package and immigration support for this role if required, and people of all nationalities are encouraged to apply.
How to Apply: Please apply immediately or before 23 August 2022 by visiting our online job portal at careers.hrw.org and submitting a cover letter and resume or CV. No calls or email inquiries, please. Only complete applications will be reviewed, and only shortlisted candidates will be contacted
If you are experiencing technical difficulties with your application submission, or if you require accommodations during the application process, please email [email protected] Due to the large response, application submissions via email will not be accepted and inquiries regarding the status of applications will go unanswered.
Human Rights Watch is strong because it is diverse. We actively seek a diverse applicant pool and encourage candidates of all backgrounds to apply. Human Rights Watch does not discriminate on the basis of disability, age, gender identity and expression, national origin, race and ethnicity, religious beliefs, sexual orientation, or criminal record. We welcome all kinds of diversity. Our employees include people who are parents and nonparents, the self-taught and university educated, and from a wide span of socio-economic backgrounds and perspectives on the world. Human Rights Watch is an equal opportunity employer.
Human Rights Watch is an international human rights monitoring and advocacy organization known for its in-depth investigations, its incisive and timely reporting, its innovative and high-profile advocacy campaigns, and its success in changing the human rights-related policies and practices of influential governments and international institutions.