Avaaz is a campaigning organisation that reaches tens of millions of citizens every week with opportunities to change the world. This includes protecting our planet from climate change and other threats, fighting to stop social media from undermining our democracies, and deepening human connection.
Our staff are based all over the world. Applicants from any timezone may apply. Avaaz will support you to set up a home or co-working environment that leads to excellence in delivery and long-term sustainability. Link to job post: https://secure.avaaz.org/campaign/en/hiring/#op-385847-security-engineer What the position involves The Security Engineer will be part of a team that has responsibility for all security aspects of the organization’s technology, systems, communications, and staff. We are seeking a candidate with a strong technical background, hands-on experience implementing security across the full breadth of the technology stack and a strong ability to provide balanced and actionable security solutions for Avaaz. Specific responsibilities include: - Design and implement security solutions across all technology that Avaaz runs. - Align security of Avaaz applications and infrastructure to security best practices. - Provide continued compliance of the organization with applicable security and data protection standards (e.g. GDPR). - Provide security advice on proposed new technologies, projects and campaigns. - Perform security monitoring/operations tasks and incident response. - Identify new security solutions and tools to improve Avaaz security. - Assist in user security education and security awareness training and campaigns. Our ideal candidate will have these skills/experience - Familiarity and solid knowledge of how cloud-hosted modern web applications are designed, built and deployed. In particular, design-level and hands-on implementation experience with AWS and GCP. - Experience in designing and implementing solutions to protect applications, networks and infrastructure from threats. - Strong Python and shell scripting skills, primarily with the focus of implementing security solutions and automating security processes. - Solid understanding of zero trust network/BeyondCorp principles and designing security solutions that follow those principles. - Ability to look at a new technology or project and then quickly apply security principles/best practices to make prioritised recommendations to secure the technology/project - Highly flexible with rapidly-shifting needs and priorities - Delivery-oriented with high attention to detail and without paralyzing perfectionism - Ability to deliver complex technical subjects to technical and non-technical audiences. Bonus points for having these skills/experience - Experience performing security monitoring/operations (SIEM, WAF, IDS, log analysis, etc.) - Broad application security exposure (across secure coding and architecture, common application security vulnerabilities, threat modeling, and/or vulnerability management) - Familiarity identifying and deploying technologies that enable secure online communications. - Experience in providing security advice/consulting for technology projects (either internal or external to an organisation) - Experience in security configuration of computers and mobile devices. In particular, strong macOS, Android and iPhone management, security and troubleshooting experience. - Exposure to security incident response processes and execution. - Experience in engaging and managing external vendors to conduct security testing and managing remediation of vulnerabilities. Where to apply Apply here: https://secure.avaaz.org/campaign/en/hiring/#op-385847-security-engineer Thanks, Matthew
-- Liberationtech is public & archives are searchable from any major commercial search engine. Violations of list guidelines will get you moderated: https://lists.ghserv.net/mailman/listinfo/lt. Unsubscribe, change to digest mode, or change password by emailing [email protected].
