CYBERSECURITY AND DATA PROTECTION OFFICER
Please apply to the position on Vista here: https://jobs.amideast.org/public/jobs/2023-078P3282.htm
Applications NOT uploaded into the above link will NOT be considered.
COMPANY DESCRIPTION:
Established in 1951, Amideast is an American nonprofit organization dedicated to creating hope, opportunity, and mutual understanding among people in the Middle East, North Africa, and United States through life-changing opportunities for education and cultural exchanges. Working with local, regional, and international partners, we provide programs and services that improve educational opportunity and quality, expand access to U.S. study, empower youth and women, strengthen local institutions, and develop language and professional skills for success in the global economy. Headquartered in Washington, D.C., Amideast operates offices in 11 countries in the MENA region. For more information, visit us at www.amideast.org.
POSITION DESCRIPTION:
The Cybersecurity and Data Protection Officer’s role is to ensure the secure operation of on-premise and hosted computer systems, servers, and network connections. This includes checking server and firewall logs, scrutinizing network traffic, establishing and updating virus scans, and troubleshooting. The incumbent will also analyze and resolve security breaches and vulnerability issues in a timely and accurate fashion, and conduct user activity audits where required, work with cloud vendors and evaluate their security practices.
RESPONSIBILITIES:
- Develop, implement, maintain, and oversee enforcement of policies, procedures, and associated plans for system security administration and user system access based on industry-standard best practices
- Design and implement disaster recovery plan for operating systems, databases, networks, servers, and software applications
- Design and implement incident response plans based on filed office laws and regulations
- Design, implement, and monitor data protection policies and procedures
- Assess need for any security reconfigurations and execute them if required
- Keep current with emerging security alerts and issues
- Conduct research on emerging products, services, protocols, and standards in support of security enhancement and development efforts
- Interact and negotiate with vendors, outsourcers, and contractors to obtain protection services and products
- Recommend, schedule, and perform security improvements, upgrades, and/or purchases
- Deploy, manage, and maintain all security systems and their corresponding or associated software, including firewalls, intrusion detection systems, cryptography systems, and anti-virus software
- Administer and maintain end user accounts, permissions, and access rights
- Manage connection security for local area networks, Company website, Company intranet, and e-mail communications
- Manage and ensure the security of databases and data transferred both internally and externally
- Design, perform, and/or oversee penetration testing of all systems to identify system vulnerabilities
- Design, implement, and report on security system and end user activity audits
- Monitor server logs, firewall logs, intrusion detection logs, and network traffic for unusual or suspicious activity. Interpret activity and make recommendations for resolution
- Recommend, schedule (where appropriate), and apply fixes, security patches, disaster recovery procedures, and any other measures required in the event of a security breach
- Evaluate new security software and/or technologies
- Provide on-call security support to end-users
QUALIFICATIONS AND SKILLS:
Required
- College diploma or university degree in the field of computer science and/or 5 years equivalent work experience
- One or more of the following certifications:
- GIAC Security Essentials Certification
- GIAC Certified Enterprise Defender
- ISACA Certified Information Security Manager
- Microsoft Certified Systems Engineer: Security
- (ISC)2 SCCP
- (ISC)2 CISSP
- (ISC)2 ISSAP
- Broad hands-on knowledge of firewalls, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques and practices
- In-depth technical knowledge of network, PC, and Microsoft and Linux operating systems
- Working technical knowledge of current systems software, protocols, and standards
- Strong knowledge of TCP/IP and network administration/protocols
- Hands-on experience with devices such as hubs, switches, and routers
- Knowledge of applicable practices and laws relating to data privacy and protection
- Knowledge of law enforcement practices and procedures in the US and the MENA region
- Intuition and keen instincts to preempt attacks
- High level of analytical and problem-solving abilities
- Ability to conduct research into security issues and products as required
- Strong interpersonal and oral communication skills
- Highly self-motivated and directed
- Strong organizational skills
- Excellent attention to detail
- Ability to effectively prioritize and execute tasks in a high-pressure environment
- Able to work in a team-oriented, collaborative environment
Preferred
- Fluency in Arabic and French languages
WORK ENVIRONMENT:
The incumbent in this position will work in a professional office environment and will utilize the following equipment when working from the corporate office or remote home office (temporarily due to COVID-19).
- Computer (laptop or desktop)
- Printer/Photocopier/Scanner/Fax
- Telephone
- Other (Specify if any)
Up to 5% business travel may be needed to support business initiatives as needed.
The physical demands and work environment that have been described is representative of those an employee encounters while performing the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions in accordance with the Americans with Disabilities Act.
This position description is an overview of the major functions and requirements of this position. This document is not intended to be an exhaustive list encompassing every duty and requirement of the position; the Employee’s Manager may assign other duties as related or as otherwise deemed appropriate and necessary within the general scope, without the need for additional compensation.
Amideast is an equal opportunity employer and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
Positions that involve interaction with children will be required to read, acknowledge, and comply with and attend special training in accordance with the Child Protection and Safeguarding policy. All Amideast representatives must comply with the Code of Conduct and all applicable organizational policies.
