This critical role for RFE/RL’s Digital Security Management System requires an experienced dedicated IT security strategist with practical experience. The role requires an independent individual with broad security management expertise to help develop and maintain the company’s security strategy through application of ISO 27002 and ITIL best practices to support FISMA requirements.
- Lead and coordinate the RFE/RL Pangea FISMA program aligned to overall company Digital Security Management requirements, implementing and improving security compliance controls and ITIL processes
- Act as the primary point of contact to implement the company’s FISMA security program in close coordination with the Pangea division, creating, maintaining and progressing strategic objectives and necessary documentation
- Support an overall integrated security management approach through configuration management standards
- Implement application security vulnerability management best practices through rigorous scans and penetration tests aligned to release management activities
- Design and schedule appropriate automated reports and appropriate technical compliance reviews and audits to maintain appropriate security protection
- Support RFE/RL’s overall security awareness training designed to support appropriate audiences and technical requirements
- Support the IT Security team’s overall security incident management process activities, response and reporting
- University Degree (Information Technology or similar)
- Security Certifications: CISSP, CISA, CISM or ISO 27001 Lead Auditor
- Minimum 3 years’ experience as security lead on maintaining an ISO 27001 security management certification system
- Comprehensive experience with implementing and managing ITIL processes in an international environment
- Experience coordinating and maintaining application security best practices in a virtualized environment, inclusive of vulnerability scans and penetration testing know-how
- Security Awareness expertise, including creating and presenting targeted training across a complex organization
- Practical know-how and expertise with Microsoft operating systems and cloud services (O365/Azure)
- Experienced security leader in an international work environment
- FISMA implementation expertise
- ISO 27001 security management know-how implemented in a complex international environment (min. 3 years)
- ITIL process design and implementation
- CISSP, CISA or CISM certification
- Application Security expertise, including vulnerability scans and penetration testing
- Other languages a plus
Should you be interested in this position please apply by submitting your CV and a cover letter in English.
Appointment against this post is on a local basis only. Please note that for the locally advertised positions preference will be given to those with a work permit and/or a valid residence status in the Czech Republic. Locally recruited employees should reside within commuting distance of Prague, Czech Republic, or be willing to move to take up work. They are not eligible for allowances applicable to candidates who are internationally recruited. Rather, they receive statutory benefits as per Czech labor law. Salary scales for locally recruited employees are based on the best prevailing local conditions. RFE/RL does, however, cover the costs of interview travel and, upon appointment, some relocation costs.
Note: In response to changing operational requirements, RFE/RL retains the discretion not to make an appointment, or to modify the job specifications for a particular vacancy.