At International Justice Mission (IJM), we’re leading the fight against slavery and human trafficking. As the largest anti-slavery organization in the world, our mission is to protect the poor from violence by rescuing victims, bringing the criminals to justice, restoring survivors to safety and strength, and helping local law enforcement build a safe future that lasts.
Motivated by God’s call to seek justice for the oppressed, we also believe that the way we work is as important as the results we achieve. We are a global community that cares for one another. We value joy and celebration in the midst of difficult work, and we seek to offer the best professional excellence to those we serve.
IJM has cast a vision for 2030 which involves mobilizing partnerships to scale our work of rescue and rehabilitation, expanding our global footprint, and leveraging data to effectively prove to the world that our model can end slavery. To support this initiative, IJM must rapidly grow the cyber security program to secure our global technology infrastructure and cloud services. This position will have an active role in the definition, operation and evolution of security practices and procedures.
• Operate and support various 3rd party and open source security tools (IDS, Firewalls, Anti-malware, etc.);
• Perform hunting exercises using threat intelligence, analysis of anomalous log data and results of historical events and data to detect and respond to threats;
• Assist with the development of processes and procedures to improve security operations functions, incident response times, analysis of incidents, and overall SOC functions;
• Monitor for security indicators by correlating and analyzing a variety of application, network and host-based security logs and determining the correct remediation actions and escalation paths for each incident;
• Develop anomaly detection dashboards and reports to identify potential threats, suspicious activity, and intrusions;
• Support repeatable processes for continuous testing and monitoring of IOCs following a proven methodology you help define;
• Research industry trends, identify ongoing security threats, analyze new security testing tools, and provide recommendations on the need and usefulness of services and/or products;
• Effectively communicate security concepts with both technical and non-technical individuals;
• Provide information regarding intrusion events, security incidents, and other threat indications and warning information to teams and leadership as part of incident response; and
• Contribute to the publication of security metric data of discovery, triage and trending analysis of team findings.
• Bachelor’s Degree in Information Assurance, Security, Management Information Systems, Risk Management or equivalent work experience acceptable;
• 2-3+ years of related cybersecurity architecture, engineering, or SOC work experience (monitoring, detection, incident response, forensics) supporting Windows on-premises as well as cloud IaaS;
• Ability to write scripts/code using Python, Perl, PowerShell, or an equivalent language;
• Excellent written and verbal communications, including presentation skills, are important to be successful in this role;
• Desired Red/Blue team experience turning findings into actionable detections and mitigations;
• Preferred knowledge of current advanced adversary TTPs and experience responding to APT attacks;
• Understanding of privilege escalation, persistence, and lateral movement techniques;
• Understanding of host and network Incident Response processes, tasks, and tools;
• Excellent customer service skills required;
• Knowledge of the chain of custody process and properly securing evidence;
• Knowledge of operational security tools and practices (e.g. IDS, firewalls, & 3rd-party security products);
• Ability to both work independently with minimal direction and to collaborate effectively with local and remote teams with a strong customer focus;
• Experience working in a large cloud or Internet software company preferred;
• Be available on an on-call basis to respond to pending issues or problems arising during non-business hours and provide support and response; and
• Certifications such as SANS/GIAC, OSCP or specific network and security vendor certifications highly desirable.
• Mature orthodox Christian faith as defined by the Apostles’ Creed;
• Ability to work collaboratively on a team and independently with administrative capacity and with minimal oversight;
• Ability to effectively manage time according to changing priorities, both self-discovered and as directed;
• Friendly, professional demeanor and composure under pressure;
• Adept at creative problem solving; and
• Sustained positive attitude.
Upload Resume, Cover Letter & Statement of Faith* in one document.
*What is a statement of faith?
A statement of faith should describe your Christian faith and how you see it as relevant to your involvement with IJM. The statement can either be incorporated into the cover letter or submitted as a separate document and should include, at a minimum, a description of your spiritual disciplines (prayer, study, etc.) and your current fellowship or place of worship.