Security Analyst

Location: Remote (Central European Time - CET +/- 3hrs) or Amsterdam/Sarajevo office.

Application Deadline: 31st July 2024

About OCCRP

With staff across six continents and hubs in Amsterdam, Washington, D.C., and Sarajevo, OCCRP is one of the largest investigative journalism organizations in the world. We are a nonprofit, mission-driven newsroom that partners with other media outlets to publish stories that spur action. OCCRP is also a media development platform that advances investigative reporting worldwide.

Our mission is to spread and strengthen investigative journalism around the world and expose crime and corruption so the public can hold power to account. Our work has four main pillars:

• Investigations - We lead collaborative cross-border projects and publish hard-hitting stories.
• Infrastructure - We provide training, tools, and resources so investigative outlets can thrive.
• Innovation - We develop new technology and solutions that serve the field of journalism.
• Impact - We accelerate the fight against global crime and corruption with groundbreaking partnerships.

Position Overview

The Information Security team provides the tools, processes, training and support needed to keep information and, most importantly, people safe.

The nature of our work means that we deal with actual attacks and threats daily. State actors and organized crime entities do and will continue to target our staff.

We are looking for an experienced security analyst to join our small team.

This role suits someone who enjoys the technical side of information security analysis and providing guidance to others. You must be able to communicate fluently (C2) in both written and verbal forms in English.

Although remote, you must be within a time zone that is European CET/CEST +/- 3hrs, applications from outside these time zones will be ignored.

We provide support to users globally, so from time to time; there may be a need to talk to someone outside traditional work hours. There is a limited amount of travel associated with this role, including possible attendance at conferences. So the ideal candidate must be willing to travel occasionally (1-4 times a year).

This is a “doing” role, with an expectation that threat hunting, intelligence gathering and forensic analysis are something that you enjoy. The role will also have input into wider Governance, Risk and Compliance activities, including aligning policies and processes with ISO27000 etc.

Responsibilities

• Protect, detect, and respond to information/cyber security incidents.
• Perform threat hunting and threat intelligence activities.
• Perform forensic analysis using a variety of E/XDR tooling across user endpoint devices.
• Formulate security strategies by researching emerging attack techniques and trends, and identifying necessary measures for teams to ensure data protection.
• Produce continuous reports, detailing security incidents and corresponding responses.
• Assist with risk assessments and other GRC work, including policy development and maintenance.
• Participate in selecting security solutions or enhancements to existing ones to improve overall security.
• Work with our platform engineers to ensure secure practices are used to operate our cloud environments.
• Provide guidance to developers around secure coding practices.
• Provide monthly input to internal newsletters about security tips or items of note.
• Maintain positive relationships with vendors and civil society organizations.

Qualifications/Education

Minimum requirements:

• At least three years of experience in cyber security.
• Proven hands-on experience with security tooling, intrusion prevention systems, endpoint protection, security incident analysis.

Ideal additional knowledge & skills:

• Previous work experience in a security operations center.
• Previous work experience dealing with staff with low technical literacy.
• Relevant security certifications.
• Follow international news closely and react if it might affect our network of journalists.
• Ability to speak Spanish would be an advantage.

What’s In It For You?

• Work in an organization that’s at the forefront of investigative journalism.
• Working in an organization where the threats are both real and actionable.
• Being able to work from home (remote). Or from an office (Amsterdam/Sarajevo).
• Working with a small but friendly team.
• Professional development opportunities are available depending on your goals.

To Apply

To apply, please email your CV and a Cover Letter to jobs[at]occrp.org

All applications must be submitted in English. Incomplete applications will not be considered. Whilst we have internal goals to reply to unsuccessful candidates, we regret that the high number of applicants greatly exceeds our capacity to respond to each person. We apologize that we will not be able to reply to any unsuccessful applicants.

As an equal-opportunity employer, OCCRP values having a diverse workforce and continuously strives to maintain an inclusive and equitable workplace. We offer competitive compensation and benefits and encourage people with a diverse range of backgrounds to apply. We do not discriminate against any person based on race, religion, color, national origin, sex, medical conditions, family status, sexual orientation, gender identity, gender expression, age, disability, genetic information, or any other legally protected characteristics. If you are a qualified applicant requiring assistance or an accommodation to complete any step of the application process, please contact hr[at]occrp.org