Founded in 2012, The Syria Justice and Accountability Centre (SJAC) is a nonprofit organization dedicated to promoting meaningful justice for Syria that holds perpetrators accountable and addresses the grievances of victims, leading to lasting peace and respect for human rights.
SJAC is embarking on a project to enhance the security and deployability of its open-source software, Bayanat. The Security Consultant will provide support to the Program Coordinator/and IT team to improve current security features, develop new features and ensure the security of deployment methods and tools.
General Duties and Responsibilities
Evaluate the security properties of Bayanat and provide expert advice on improvements
Advise SJAC’s IT Team on security concerns when building new features and deployment tools
Contribute to creating and maintaining secure Docker images of Bayanat
Test prototypes and analyze source code and tools for vulnerabilities
Develop documentation for secure cloud and on-premise deployment of Bayanat
Develop documentation on the technical and operational threats that human rights organizations experience when using Bayanat
Develop a threat model for Bayanat, identifying specific areas to enable security experts to evaluate the database’s technical properties
Attend team calls
Skills and Experience
Bachelor’s degree in computer science or related field, focus on cyber security is a plus. Significant work experience in cyber security may be acceptable in lieu of a formal degree in these areas
3-5 years’ experience working in a cyber security capacity
Experience with Linux OS security
Experience with Docker and its security
Extensive knowledge of web applications and network security
OWASP Top 10, threat modelling, intrusion prevention and detection
Knowledge of Bayanat tech stack or similar technologies
Other desirable experience:
Knowledge of FIDO2
Experience working with open-source solutions and projects, programs or research related to the human rights and justice sector
Knowledge of risks and mitigation of state-sponsored cyber-attacks
SJAC is a diverse organization made up of 40+ team members around the globe. We pride ourselves in our ability to implement programming that is inclusive and responsive to the needs of all Syrians, and believe that our own team’s diversity of viewpoints and experiences helps us to achieve that goal. We encourage all interested applicants to apply, regardless of race, religion, national origin, gender, gender identity, **gender** orientation, disability, or age.
To apply, please send an email with the subject line “Cyber Security Consultant” to firstname.lastname@example.org, providing a cover letter, resume and proposed hourly rate. Applications will be reviewed on November 11, 2022.