• Define secure design of business, IT, and security solutions.
• Participate in designated projects and business initiatives as the security subject matter expert.
• Review security requirements and assess the security posture to identify gaps or improvements.
• Support the development and implementation of security and compliance legislation, such as GDPR or FISMA.
• Work in tandem with other Operations’ teams to provide repetitive validation testing prior to production while allowing for a continuous cycle of system development followed by security assessments.
• Document security findings with reasonable methods to secure.
• Attend and participate in application projects and change management committees. This includes interacting with business units and technical teams to understand what is coming and how their projects can be more secure from the beginning.
• Review business processes from security perspective and identify threats, risks, and solutions accordingly.
• Contribute to RFE/RL security standards, guidelines, and policies.
• Remaining up to date with the latest security systems, standards, authentication protocols, and products.
Perform other related duties as assigned.
MINIMUM QUALIFICATIONS
Education:
• University Degree (Information Technology or similar) with 3-5 years of experience in the domain
• Security certifications preferred: Microsoft, SANS/GIAC, ISACA, (ISC)², or equivalent
Work Experience:
• At least 3 years in an IT Security role with an overall responsibility for IT Security architecture design and implementation.
• Highly technical and analytical experience, with strong understanding of security protocols, authentication, and security.
• A strong working knowledge of current IT risks, security implementations, operating systems, and computer software.
• Proficiency in Microsoft security best practices, Microsoft Defender for Cloud Apps (Microsoft Cloud App Security) incl. Office 365 Cloud App Security, Microsoft 365 Defender (Microsoft Defender for Cloud Apps), Exchange Online Protection, servers and applications hosted in Microsoft Azure, Data Loss Prevention, Conditional Access App Control, etc.
• Agile methodology and DevSecOps experience (highly desirable).
• Knowledge in operational models, business continuity plan, disaster recovery plan (desirable).
Competencies:
• Ability to perform plan, research, and design security architectures.
• Proven interest in cyber security topics and willingness to develop expertise in the domain of IT security.
• Excellent analytical, autodidactic, and problem-solving abilities required (especially if incomplete information is provided).
• Strong organizational and communication skills (both verbal and written).
• Natural motivation to integrate multidisciplinary international IT teams.
• Well-developed interpersonal skills with the ability to effectively communicate with a wide range of individuals and teams.
• Standard of excellence with work processes and outcomes, honoring company policies and regulatory requirements.
• Team oriented, with the ability to build strong working relationships and a positive work environment.
• Receptive to feedback, willing to learn, embracing continuous improvement.
Languages:
• Strong command of English is required.
• Other languages a plus
Should you be interested in this position please apply by submitting your CV and a cover letter in English.
Apply at: https://www.lmcg2.com/asmt/index.jsp?brand=g2&reportId=JOF&advId=1596267580&rps=202
Appointment against this post is on a local basis only. Please note that for the locally advertised positions preference will be given to those with a work permit and/or a valid residence status in the Czech Republic. Locally recruited employees should reside within commuting distance of Prague, Czech Republic, or be willing to move to take up work. They are not eligible for allowances applicable to candidates who are internationally recruited. Rather, they receive statutory benefits as per Czech labor law. Salary scales for locally recruited employees are based on the best prevailing local conditions. RFE/RL does, however, cover the costs of interview travel and, upon appointment, some relocation costs.
Note: In response to changing operational requirements, RFE/RL retains the discretion not to make an appointment, or to modify the job specifications for a particular vacancy.