Experienced in #InfoSec? Want to help journalists stay safe and change the world? OCCRP is hiring a Security Analyst:
This can be a remote position, but relocation to beautiful Sarajevo is welcome. Don't let the requirement list put you off, apply even if you feel you might not fully meet all them.
You'll be working in a global team of techies, using FLOSS technologies, keeping data and people safe and secure in the changing digital landscape.
Tell your friends, too!
A message from our Tech Team:
And yet we have not received a lot of applications so far.
Don't be shy. Don't let the Impostor Syndrome get to you. You don't need a diploma or dozens of certificates to apply. You won't be wasting our time.
We're hackers like you. We need you.
Don't you think ppl just afraid of something else and impostor syndrome is not the main reason. I guess working for OCCRP requires really high opsec discipline. Being valuable target and understand consequences is really taxing for ones mind
@mailoxy absolutely, and that's completely understandable.
We do our best to not broadcast publicly information about our Staff unless necessary and consented to. We have ways to work with people who need to not be publicly associated with us.
But we also know that impostor syndrome might be a thing keeping people from applying, and we'd like to make it clear it should not be.
@OCCRP I wish you the best candidates!
Side note: Just me or are job vacancies for these positions great material for any intruder doing his/her homework?
We try to tread this line carefully, and we try to have our systems set up in a way that the information we publish will not make us unsafe.
Information we published in that job description is reasonably expected to have already been available to a well-prepared attacker from other sources anyway.
@rysiek @OCCRP Thanks for elaborating. I wouldn't have a better answer myself. It was just one of the things that came to mind, and always comes to mind for me with such vacancies. The paranoia is there, but I lack some skills, otherwise I would've surely loved to help your organization become more secure. Keep up the good work!
Well, you didn't mention anything about salary; and as much as we want to help, a full-time position must be paid (and the amount it will be paid is a factor of the equation).
@LienRag it is a paid position, we mentioned:
> Honorarium will be based on experience and location: we’re a non-profit, but we take care of our Staff.
As an NGO we will not be able to pay a honorarium on the industry level from Silicon Valley, obviously. But we try to be fair.
Please apply and provide you salary expectations, and we will gladly discuss.
Everyone is welcome as long as you follow our code of conduct! Thank you. Mastodon.cloud is maintained by Sujitech, LLC.