CYBERSECURITY AND DATA PROTECTION OFFICER
Job Description
"Please apply to the position on Vista here: https://jobs.amideast.org/public/jobs/2023-078P3282.htm
Applications NOT uploaded into the above link will NOT be considered.
COMPANY DESCRIPTION:
Established in 1951, Amideast is an American nonprofit organization dedicated to creating hope, opportunity, and mutual understanding among people in the Middle East, North Africa, and United States through life-changing opportunities for education and cultural exchanges. Working with local, regional, and international partners, we provide programs and services that improve educational opportunity and quality, expand access to U.S. study, empower youth and women, strengthen local institutions, and develop language and professional skills for success in the global economy. Headquartered in Washington, D.C., Amideast operates offices in 11 countries in the MENA region. For more information, visit us at www.amideast.org.
POSITION DESCRIPTION:
The Cybersecurity and Data Protection Officer’s role is to ensure the secure operation of on-premise and hosted computer systems, servers, and network connections. This includes checking server and firewall logs, scrutinizing network traffic, establishing and updating virus scans, and troubleshooting. The incumbent will also analyze and resolve security breaches and vulnerability issues in a timely and accurate fashion, and conduct user activity audits where required, work with cloud vendors and evaluate their security practices.
RESPONSIBILITIES:
Develop, implement, maintain, and oversee enforcement of policies, procedures, and associated plans for system security administration and user system access based on industry-standard best practices
Design and implement disaster recovery plan for operating systems, databases, networks, servers, and software applications
Design and implement incident response plans based on filed office laws and regulations
Design, implement, and monitor data protection policies and procedures
Assess need for any security reconfigurations and execute them if required
Keep current with emerging security alerts and issues
Conduct research on emerging products, services, protocols, and standards in support of security enhancement and development efforts
Interact and negotiate with vendors, outsourcers, and contractors to obtain protection services and products
Recommend, schedule, and perform security improvements, upgrades, and/or purchases
Deploy, manage, and maintain all security systems and their corresponding or associated software, including firewalls, intrusion detection systems, cryptography systems, and anti-virus software
Administer and maintain end user accounts, permissions, and access rights
Manage connection security for local area networks, Company website, Company intranet, and e-mail communications
Manage and ensure the security of databases and data transferred both internally and externally
Design, perform, and/or oversee penetration testing of all systems to identify system vulnerabilities
Design, implement, and report on security system and end user activity audits
Monitor server logs, firewall logs, intrusion detection logs, and network traffic for unusual or suspicious activity. Interpret activity and make recommendations for resolution
Recommend, schedule (where appropriate), and apply fixes, security patches, disaster recovery procedures, and any other measures required in the event of a security breach
Evaluate new security software and/or technologies
Provide on-call security support to end-users
QUALIFICATIONS AND SKILLS:
Required
College diploma or university degree in the field of computer science and/or 5 years equivalent work experience
One or more of the following certifications:
GIAC Security Essentials Certification
GIAC Certified Enterprise Defender
ISACA Certified Information Security Manager
Microsoft Certified Systems Engineer: Security
(ISC)2 SCCP
(ISC)2 CISSP
(ISC)2 ISSAP
Broad hands-on knowledge of firewalls, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques and practices
In-depth technical knowledge of network, PC, and Microsoft and Linux operating systems
Working technical knowledge of current systems software, protocols, and standards
Strong knowledge of TCP/IP and network administration/protocols
Hands-on experience with devices such as hubs, switches, and routers
Knowledge of applicable practices and laws relating to data privacy and protection
Knowledge of law enforcement practices and procedures in the US and the MENA region
Intuition and keen instincts to preempt attacks
High level of analytical and problem-solving abilities
Ability to conduct research into security issues and products as required
Strong interpersonal and oral communication skills
Highly self-motivated and directed
Strong organizational skills
Excellent attention to detail
Ability to effectively prioritize and execute tasks in a high-pressure environment
Able to work in a team-oriented, collaborative environment
Preferred
Fluency in Arabic and French languages
WORK ENVIRONMENT:
The incumbent in this position will work in a professional office environment and will utilize the following equipment when working from the corporate office or remote home office (temporarily due to COVID-19).
Computer (laptop or desktop)
Printer/Photocopier/Scanner/Fax
Telephone
Other (Specify if any)
Up to 5% business travel may be needed to support business initiatives as needed.
The physical demands and work environment that have been described is representative of those an employee encounters while performing the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions in accordance with the Americans with Disabilities Act.
This position description is an overview of the major functions and requirements of this position. This document is not intended to be an exhaustive list encompassing every duty and requirement of the position; the Employee’s Manager may assign other duties as related or as otherwise deemed appropriate and necessary within the general scope, without the need for additional compensation.
Amideast is an equal opportunity employer and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
Positions that involve interaction with children will be required to read, acknowledge, and comply with and attend special training in accordance with the Child Protection and Safeguarding policy. All Amideast representatives must comply with the Code of Conduct and all applicable organizational policies.
"
