Radio Free Europe/Radio Liberty (RFE/RL) has a long and amazing history and now, you can be a part of it! Celebrating 70 years in existence, RFE/RL reports the news in 22 countries where a free press is banned by the government or not fully established. We provide what many people cannot get locally: uncensored news, responsible discussion, and open debate. Working for an organization with a mission such as ours brings a new dimension to what is normally just a ‘job.’
We are seeking an experienced Director of IT Security to join our unique international community of over 750 staff in Prague alone. We can assure you that our IT challenges may be unlike any you have seen before as we face bad actors who oppose freedom of the press and try to block the delivery of our news. If you believe in freedom of the press, this job is for you. Your expertise will help to ensure the delivery of free media in unfree societies. This job entails more than collecting a paycheck; it envelopes you in a mission.
How can you be a part of our exciting mission?
Director of IT Security plans, develops, implements and maintains programs, policies, tools and procedures to protect the confidentiality, availability and integrity of RFE/RL computing systems, networks, and data.
The Director of IT Security will be expected to work collaboratively and cross-organizationally in order to shape and improve our IT security practices.
Responsibilities include the following:
- Define, review and enforce information security policy, standards and guidelines for business operations and technology implementations;
- Manage a small team of IT Security staff;
- Implement Information Technology security provisions to assure adequate levels of security for personal data and sensitive information;
- Provide a range of IT security services and controls related to endpoint and network security to various technical departments.
- Promote company-wide IT security awareness and compliance;
- Proactively identify IT security risks including IT technical implementations or business processes;
- Ensure implementation of appropriate security policies in network and systems design;
- Develop information security contingency plans and disaster recovery procedures;
- Conduct security assessments and audits, penetration testing, forensic IT and incident response management;
- Review third-party processor’s compliance with security measures and data protection provisions;
- Identify, assess and report Personal Data breaches and handling incidents.
A passion for our mission!
- University degree, preferably in Information Technology, or equivalent years of experience and training.
- Proven experience successfully managing an IT Security function, including implementing security standards in an international enterprise;
- A Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM) credential.
- Experience planning, developing, implementing, coordinating, reviewing, and evaluating security specifications and procedures for IT security systems.
- Experience with code reviews to validate the application of security in the System Development Life Cycle.
Competencies and Skills
- Patience, humor and a collaborative spirit!
- Good oral and written communications skills in order to adequately describe and present findings and recommendations.
- Knowledge of a wide range of information technology and information assurance concepts including intrusion prevention and detection, defense in depth, penetration testing, identification vulnerability and management, network and host-based security systems, and networking protocols.
- Knowledge of and ability to evaluate the effectiveness of systems, devices, procedures and methods used to safeguard data in computer media and storage
- Knowledge of security monitoring tools, firewalls, Antivirus/Anti-spam tools, Intrusion Detection Devices, proxy servers, and routers
- English language required (Oral and Written)
- Other RFE/RL broadcast languages – 26 to choose from - or Czech language helpful
Should you be interested in this position please apply by submitting your CV and a cover letter in English.
Appointment against this post is on a local basis only. Please note that for the locally advertised positions preference will be given to those with a work permit and/or a valid residence status in the Czech Republic. Locally recruited employees should reside within commuting distance of Prague, Czech Republic, or be willing to move to take up work. They are not eligible for allowances applicable to candidates who are internationally recruited. Rather, they receive statutory benefits as per Czech labor law. Salary scales for locally recruited employees are based on the best prevailing local conditions. RFE/RL does, however, cover the costs of interview travel and, upon appointment, some relocation costs.
Note: In response to changing operational requirements, RFE/RL retains the discretion not to make an appointment, or to modify the job specifications for a particular vacancy.