Radio Free Europe/Radio Liberty (RFE/RL) has a long and amazing history and now, you can be a part of it! Celebrating 70 years in existence, RFE/RL reports the news in 22 countries where a free press is banned by the government or not fully established. We provide what many people cannot get locally: uncensored news, responsible discussion, and open debate. Working for an organization with a mission such as ours brings a new dimension to what is normally just a ‘job.’
We are seeking an experienced Director of IT Security to join our unique international community of over 750 staff in Prague alone. We can assure you that our IT challenges may be unlike any you have seen before as we face bad actors who oppose freedom of the press and try to block the delivery of our news. If you believe in freedom of the press, this job is for you. Your expertise will help to ensure the delivery of free media in unfree societies. This job entails more than collecting a paycheck; it envelopes you in a mission.
How can you be a part of our exciting mission?
Director of IT Security plans, develops, implements and maintains programs, policies, tools and procedures to protect the confidentiality, availability and integrity of RFE/RL computing systems, networks, and data.
The Director of IT Security will be expected to work collaboratively and cross-organizationally in order to shape and improve our IT security practices.
Responsibilities include the following:
- Define, review and enforce information security policy, standards and guidelines for business operations and technology implementations;
- Manage a small team of IT Security staff;
- Implement Information Technology security provisions to assure adequate levels of security for personal data and sensitive information;
- Provide a range of IT security services and controls related to endpoint and network security to various technical departments.
- Promote company-wide IT security awareness and compliance;
- Proactively identify IT security risks including IT technical implementations or business processes;
- Ensure implementation of appropriate security policies in network and systems design;
- Develop information security contingency plans and disaster recovery procedures;
- Conduct security assessments and audits, penetration testing, forensic IT and incident response management;
- Review third-party processor’s compliance with security measures and data protection provisions;
- Identify, assess and report Personal Data breaches and handling incidents.
A passion for our mission!
- University degree, preferably in Information Technology, or equivalent years of experience and training.
- Proven experience successfully managing an IT Security function, including implementing security standards in an international enterprise;
- A Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM) credential.
- Experience planning, developing, implementing, coordinating, reviewing, and evaluating security specifications and procedures for IT security systems.
- Experience with code reviews to validate the application of security in the System Development Life Cycle.
Competencies and Skills
- Patience, humor and a collaborative spirit!
- Good oral and written communications skills in order to adequately describe and present findings and recommendations.
- Knowledge of a wide range of information technology and information assurance concepts including intrusion prevention and detection, defense in depth, penetration testing, identification vulnerability and management, network and host-based security systems, and networking protocols.
- Knowledge of and ability to evaluate the effectiveness of systems, devices, procedures and methods used to safeguard data in computer media and storage
- Knowledge of security monitoring tools, firewalls, Antivirus/Anti-spam tools, Intrusion Detection Devices, proxy servers, and routers
- English language required (Oral and Written)
- Other RFE/RL broadcast languages – 26 to choose from - or Czech language helpful
Should you be interested in this position please apply by submitting your CV and a cover letter in English.
Appointment against this post is on a local basis only. Please note that for the locally advertised positions preference will be given to those with a work permit and/or a valid residence status in the Czech Republic. Locally recruited employees should reside within commuting distance of Prague, Czech Republic, or be willing to move to take up work. They are not eligible for allowances applicable to candidates who are internationally recruited. Rather, they receive statutory benefits as per Czech labor law. Salary scales for locally recruited employees are based on the best prevailing local conditions. RFE/RL does, however, cover the costs of interview travel and, upon appointment, some relocation costs.
Note: In response to changing operational requirements, RFE/RL retains the discretion not to make an appointment, or to modify the job specifications for a particular vacancy.
By replying to this advertisement or sending your CV and/or other personal data to RadioFreeEurope/RadioLiberty, you are agreeing to having your data saved and managed by employees of the HR department of the company for possible future reference in full accordance with the law (no. 101/2000 Sb. regarding personal data protection). This agreement may only be withdrawn by a written revocation and remains valid until that date. However no longer than 5 years.
Odpovědí na tento inzerát či zasláním Vašeho životopisu a případných dalších osobních materiálů do společnosti RadioFreeEurope/RadioLiberty dáváte souhlas ke zpracování a uchování Vašich osobních údajů dle zákona č. 101/2000 Sb., o ochraně osobních údajů. Tento souhlas platí až do jeho odvolání písemnou formou, maximálně však po dobu 5 let.
Privacy notice for applicants
RFE/RL, Inc. is a private, nonprofit corporation funded by a grant from the U.S. Congress through the U.S. Agency for Global Media (USAGM). Due to regulations imposed on RFE/RL in order to finance its operations and due to contractual arrangements between RFE/RL and USAGM set up in its Grant Agreement, RFE/RL must ensure that every candidate, who enters into the final stage of the selection process for a position at RFE/RL undergoes a pre-employment check from public sources and a background security investigation/check after the acceptance of RFE/RL´s offer letter.
With respect to the above, all applicants are informed that:
• RFE/RL may use information from public sources during its selection process to perform one-time pre-employment checks which are conducted by RFE/RL; personal data (mainly name, surname, address, date of birth, personal identification number, telephone number, e-mail address ) will be collected and processed by RFE/RL for a maximum period of one year.
• Employment at RFE/RL is contingent upon the successful completion of a background security investigation/check performed after the acceptance of RFE/RL´s offer letter. Information about the collection and processing of personal data in this matter will be provided together with the offer letter.