Junior/Senior Security Officer

Anywhere Full-time Allows remote

Job Description

The Junior or Senior Security Officer will be part of a team that has responsibility for all security aspects of the organization’s technology, systems, communications, and staff. We are seeking either:

  1. a) a candidate with some security experience/knowledge, but has a strong technical background and is willing to develop and grow rapidly in the information security space; or
  2. b) a candidate with strong and extensive security experience/knowledge, who wants to apply their skills in a unique international campaigning organisation such as Avaaz.

Specific responsibilities include:

  • Oversee security of Avaaz applications and infrastructure to security best practices
  • Provide continued compliance of the organization with applicable security standards, e.g. PCI DSS
  • Provide security advice on both technology projects and campaigns Avaaz runs
  • Perform security monitoring/operations tasks and incident response
  • Perform regular checks on the security of the web applications
  • Implement new security tools, programs, and solutions
  • Assist in user security education and security awareness training and campaigns

 

Required

  • Strong technology background with a desire to learn and progress within the information security field
  • Familiarity and solid knowledge of how cloud-hosted modern web applications are designed, built and deployed
  • Familiarity and knowledge of networks/infrastructure concepts and threats, as well as solutions to address those threats
  • Familiarity and knowledge of web application concepts and threats, as well as solutions to address those threats
  • Familiarity with nimble, iterative web development
  • Highly flexible with rapidly-shifting needs and priorities
  • Detail-oriented without paralyzing perfectionism
  • Communication skills with both technical and non-technical colleagues

Desired

  • Familiarity with implementing and/or maintaining PCI compliance
  • Experience performing security monitoring/operations (WAF, IDS, web logs, etc.)
  • Familiarity with cloud Infrastructure as a Service (IaaS) providers
  • Security certification (Eg. CISSP, CISM, CISA, etc.)
  • Familiarity with securing online communications
  • Experience in providing security advice/consulting on technology projects
  • Experience in automated/remote security configuration of computers
  • Exposure to security incident response processes and execution