The Information Security Program of Human Rights Watch (HRW) supports the organization and its counterparts in being responsive to near- and far-term security threats, incorporating security into our existing processes and architecting new ones, and ensuring that HRW makes informed decisions about the responsible use of technology.
The Information Security Program is seeking an Information Security Technologist to lead on systems security and security systems. This position will work closely with stakeholders across HRW to ensure systems and processes have technical security controls in place that are responsive to our threat landscape while also meeting our operational, ethical, legal, and regulatory requirements. The Technologist will also work in collaboration with the wider HRW security team to provide security guidance and support to HRW staff, conduct incident investigations, develop security risk management and monitoring plans, and as time allows, provide technology and security subject matter expertise to the program division.
The Technologist will preferably be based in a major HRW office, but other locations may be considered. This is a fixed-term, full-time position for one year. This position reports to the Director of Information Security, who is based in New York.
HRW is keen to hear from people who consider themselves under-represented in the security and/or technology communities – even if they feel they meet only some of the qualifications.
- Implement effective countermeasures to defend against unauthorized access to HRW systems, networks, and data;
- Help identify gaps in existing security architecture and recommend improvements;
- Maintain, develop, and evolve security systems and software, including incident response and information sharing platforms, configuration management, IDS, and researcher-focused security tooling;
- Assist in the development of information security contingency plans and disaster recovery procedures;
- Review and provide inputs on software procurement process including in house IT solutions, off the shelf software products, and/or contracted software development;
- Support the development, performance, and automation of regular system/process audits, coordinate corrective actions to security posture, and provide ongoing key metrics on these programs;
- Work with counterparts to establish, maintain, and contribute to active threat information-sharing channels that ensure HRW and civil society security counterparts are contributing to, and benefitting from, collective efforts to share threat intelligence and other relevant security information;
- Assist with technical and security emergencies as needed; troubleshoot and work with other members of the security team, IT, and affected HRW staff to resolve issues;
- Create and maintain high quality, accurate, and in-depth data and documents on information security processes, technologies, and/or related coverage areas;
- Deliver outputs in a timely manner and be consistent with the agreed strategy and priorities of the Information Security Director;
- As time allows, the Technologist may also serve as a resource for technical knowledge, assistance, and investigative collaboration for HRW’s research and technology teams;
- Travel internationally, as required; and
- Carry out any other duties as required.
Education: A level of education that when combined with your professional experience will adequately show you have the capability to contribute meaningfully to HRW's information security program. Candidates who have relevant academic degrees or security certifications are encouraged to apply, but this is a plus - not a requirement.
- A demonstrated interest in implementing and maintaining systems and processes to help HRW’s staff, sources, and constituents work safely and securely is required;
- Proven ability to code and script to automate common activities and effectively implement various security tools is required;
- Development skills with high-level scripting languages (i.e. Python [preferred], Ruby, etc.) with a mastery of at least one coding language is required;
- Proven ability to clearly document and communicate security findings, risk description, risk level, and recommended solutions to stakeholders is required;
- Proven ability to simplify processes and promote low friction security is preferred;
- Proven ability to develop secure software according to secure software deployment methodologies, tools, and practices is desirable;
- Proven ability to configure and validate network workstations and peripherals in accordance with approved standards and/or specifications is desirable; and
- Previous experience working in the human rights field is not required, but desirable.
Related Skills and Knowledge:
- Optimism, a sense of humor, and excitement about joining a supportive, skilled, and diverse team.
- Ability to identify opportunities for automation and scripting;
- Ability to explain complex technical subjects clearly and respectfully to audiences of specialists in non-technical fields;
- Excellent ability to work collaboratively and respectfully with others in multicultural teams, across organizational boundaries and multiple time zones, and with employees at all levels of the organization;
- Knowledge in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes;
- Knowledge of basic software applications and the types of vulnerabilities that have been found in those applications;
- Knowledge of Unix/Linux and Windows operating systems structures and internals. (e.g., process management, directory structure, installed applications);
- Knowledge of capabilities and applications of network equipment including routers, switches, bridges, servers, transmission media, and related hardware;
- Ability to simultaneously handle multiple projects effectively and adjust to changing priorities; and
- Strong critical thinking/analytical skills, creativity, and a proven drive for quality.
Salary and Benefits: HRW seeks exceptional applicants and offers competitive compensation and employer-paid benefits. HRW offers a relocation assistance package and will assist employees in obtaining necessary work authorization, if required; citizens of all nationalities are encouraged to apply.
How to Apply: Please apply immediately or by December 27, 2019 visiting our online job portal at careers.hrw.org and attaching a letter of interest and a resume or CV, preferably as PDF files. No calls or email inquiries, please. Only complete applications will be reviewed and only shortlisted candidates will be contacted.
- If you are experiencing technical difficulties with your application submission, please email firstname.lastname@example.org. Due to the large response, application submissions via email will not be accepted and inquiries regarding the status of applications will go unanswered.
- Human Rights Watch is strong because it is diverse. We actively seek a diverse applicant pool and encourage candidates of all backgrounds to apply. Human Rights Watch does not discriminate on the basis of ability, age, gender identity and expression, national origin, race and ethnicity, religious beliefs, sexual orientation, or criminal record. We welcome all kinds of diversity. Our employees include people who are parents and nonparents, the self-taught and university educated, and from a wide span of socio-economic backgrounds and perspectives on the world. Human Rights Watch is an equal opportunity employer.
- Human Rights Watch is an international human rights monitoring and advocacy organization known for its in-depth investigations, its incisive and timely reporting, its innovative and high-profile advocacy campaigns, and its success in changing the human rights-related policies and practices of influential governments and international institutions.