Senior Security Engineer

Ideally based in the -8 UTC to +4 UTC timezones | Tech | Full-time | Fully remote

Apply

About Avaaz

Avaaz is an international campaigning and advocacy organization that provides its global membership of millions of people with opportunities to change the world. This includes protecting our planet from climate change and other threats, and fighting to stop disinformation from undermining our democracies. 

Senior Security Engineer Position Overview 

The Senior Security Engineer will be part of a team that has responsibility for all security aspects of Avaaz’s technology, systems, communications, and staff. We are seeking a candidate with a strong technical background, hands-on experience implementing security across the full breadth of the technology stack and a strong ability to provide balanced and pragmatic security solutions.

Responsibilities

    - Design, implement and build security solutions across all technology that Avaaz runs.
    - Identify and apply relevant security best practices across Avaaz applications and infrastructure.
    - Provide continued compliance of the organisation with applicable security and data protection standards (e.g. GDPR).
    - Provide security advice on proposed new technologies, projects and campaigns.
    - Identify new security solutions and tools to improve Avaaz security.
    - Perform security monitoring/operations tasks and incident response.

Qualifications

You should apply for this role if you have most of the following: 

    - A growth mindset and a desire to challenge yourself
    - A deep commitment to making an impact in the world
    - At least 5 years of experience in a security engineering role, OR at least 3 years in a security role and 3 years in hands on implementation/engineering roles (eg. sysadmin/DevOps roles).
    - Experience implementing and/or securing cloud computer environments such as Amazon AWS or Google Cloud Platform
    - Experience in designing and implementing security solutions to protect applications, networks and infrastructure from threats.
    - Ability to quickly make security recommendations on new technologies/projects by applying security principles/best practices.
    - Familiarity and solid knowledge of how cloud-hosted modern web applications are designed, built and deployed.
    - Python, Javascript or shell scripting skills, primarily with the focus of implementing security solutions and automating security processes.
    - Highly flexible with rapidly-shifting needs and priorities.
    - Delivery-oriented with high attention to detail and without paralysing perfectionism.
    - Ability to deliver complex technical subjects to technical and non-technical audiences.
    - Fluency in English is a requirement. Additional languages are an asset.

It is also beneficial if you have any of the following experience/skills:

    - Solid understanding of zero trust network/BeyondCorp principles and designing security solutions that follow those principles.
    - Experience with infrastructure as code (Ansible/Puppet/Chef/others).
    - Experience implementing and/or performing security monitoring/operations (SIEM, WAF, IDS, log analysis, etc.)
    - Broad application security exposure (across secure coding and architecture, common application security vulnerabilities, threat modeling, and/or vulnerability management)
    - Experience in providing security advice/consulting for technology projects (either internal or external to an organisation)
    - Experience in security configuration of computers and mobile devices. In particular, strong macOS, Android and iPhone management, security and troubleshooting experience.
    - Exposure to security incident response processes and execution.

Location

This position is remote and ideally based in the -8 UTC to +4 UTC timezones, with other locations considered. Avaaz is a virtual organization, with most of our work done online. Our staff members are based all over the world and ordinarily meet at team retreats twice per year. 

Compensation and Benefits

Salary varies with location and experience, but is highly competitive with leading nongovernmental organizations. Specific benefits also range with location:

   - 5 weeks paid vacation per year
   - 10 paid holidays per year
   - $3,000 USD or local equivalent for training and development per year
   - $1,500 USD or local equivalent for language development per year
   - Out-of-Home Workspace Rental

Our Commitment to Equity and Inclusion

As a global organization with millions of members around the world, it’s important to us that our team reflects the diversity needed to lead a movement of people from across the planet, rising to meet some of the most complex challenges humanity has ever faced. We believe we can only succeed by building a diverse team full of fresh perspectives and original ideas, and we are committed to creating a working environment in which everyone has an equal opportunity to fulfill their potential.

Our team includes native and non-native English speakers, the self-taught and university educated, people with all sorts of professional backgrounds. If doing the job you just read about would make you excited to come to work every day, if you’re talented, hard-working and committed to making a difference - we want you to apply.

Avaaz does not discriminate on the basis of race, ethnicity, colour, ancestry, language and accent, national origin, citizenship, sex, gender identity or expression, sexual orientation, age, family/parental or marital status, political affiliation, religion, socioeconomic class/caste, disability or any other characteristic protected by law.

If you have suggestions for us on how to put these values into practice in our hiring process, we’d value your input. Please write to us at recruitment@avaaz.org with the subject line ‘Hiring Feedback’.

We’ll provide reasonable accommodations for qualified applicants with disabilities or special needs to participate in the application process, so please let us know if you have such a request when you apply.