I
International Foundation for Electoral Systems

Senior Cybersecurity Consultant

Descripción del trabajo


About International Foundation for Electoral Systems (IFES): IFES advances democracy for a better future. We collaborate with civil society, public institutions, and the private sector to build resilient democracies that deliver for all. Our technical assistance and applied research develop trusted electoral bodies capable of conducting credible elections; effective and accountable governing institutions; civic and political processes in which all people can safely and equally participate; and innovative ways in which technology and data can positively serve elections and democracy. Since 1987, IFES has worked in more than 145 countries, from developing to mature democracies. In accordance with IFES’ approach: A society is able to reach its full potential in a world in which people of all genders are fully engaged as equal partners in their families, workplaces, and communities. Based on international human rights standards and best practices, IFES promotes political participation, justice, and equal rights around the world. IFES reflects these values in its programming and workplace culture.
The greatest assets of IFES are our team members. IFES offers competitive benefits and pays, as well as the opportunity to work in a dynamic and collaborative environment. Every member of the IFES team is responsible for carrying out the mission of IFES and integrating IFES values into their work every day: Commitment to Excellence, Effective Communication, High-Quality Decision-Making, Accountability, Teamwork, and Collaboration.

Objectives:
Support the National Electoral Council (CNE) to strengthen its cybersecurity and data security ahead of the February 2025 (and potential April 2025) elections, including addressing emerging needs throughout the electoral calendar;
Work with the CNE to conduct a holistic assessment of its policies and regulations for information security management, review findings, and identify and mitigate any potential breaches or security gaps;
Recommend improvements and provide guidance on implementation of cybersecurity measures, based on the outcome of vulnerability tests, analysis of the information security management system, and cybersecurity assessments of the contingency cloud data center, among other related needs;
Support the assessment of the CNE’s cybersecurity systems (including protocols, policies, regulations, and procedures) to determine compliance with international standards, specifically ISO270001;
Attend and conduct meetings with the CNE and other stakeholders;
Assist the CNE in developing and implementing an information security action plan;
Support the CNE’s needs in ethical hacking services or vulnerability tests through targeted service procurements from a third-party tester and technical accompaniment through the testing process;
Support the CNE in working with multiple stakeholders on issues related to cybersecurity to strengthen its network of support;
Help deliver a post-election lessons learned workshop with a focus on cybersecurity; and
Other duties as assigned.

Deliverables:
Weekly reports detailing updates on support to the CNE;
Finalized information security action plan;
Assessment of CNE cybersecurity policies and regulations including recommendations
Post-election analysis of the CNE’s cybersecurity performance in the elections;
Final report on the results of the assistance provided; and
Workshop reports, including photos, sign-in sheets, and other records as appropriate.

Qualifications:
Master’s degree in information technology, cybersecurity, electoral technology, or a related field?
Required fluency in spoken and written Spanish
Detail-oriented and organized
Ability to prioritize, handle multiple tasks, and consistently meet tight deadlines
Strong knowledge of application of cybersecurity principles

Experience:
10-15years of experience in cyber and information security related to election administration and international program management.
Minimum of 5 years of experience with international donor-funded activities in cybersecurity and information technology.
Experience working in Latin America required; experience working in Ecuador preferred.
Experience working with electoral management bodies (EMBs) on cybersecurity issues required; experience working with Ecuador’s CNE preferred.
Strong knowledge of international cybersecurity standards, specifically ISO270001, required.
Proven track record developing threat mitigation and security action plans for EMBs.

International Foundation for Electoral Systems Senior Cybersecurity Consultant