ICT Security Operations Officer

Your role in the team

Our expectations of you

Education

• A first-level university degree (Bachelor's or equivalent) in Information Security, Computer Science, IT Management, Engineering, or in a related field with a specialization related to cybersecurity / information security / ICT security is required.
• An advanced university degree (Master's or equivalent) or a Doctorate in the same fields are accepted with a reduced requirement for years of professional experience.
• A minimum of professional experience associated with the educational level is required, as follows:
• First-level university degree (Bachelor's): at least 8 years of relevant professional experience
• Advanced university degree (Master's): at least 5 years of relevant professional experience

Qualifications

• Operational monitoring of enterprise AI systems, detecting anomalous or malicious interactions, and enforcing secure AI usage policies, is desirable.
• Accredited Certification in Project Management, such as PMP or Prince2, is desirable.
• Accredited certification in ITSM, such as ITIL (v4 or v5), is desirable.
• Certification in any security operations or incident response, such as GIAC GCIH (Incident Handler), GCIA (Intrusion Analyst), GMON (Continuous Monitoring), GSOC (Security Operations), Microsoft SC-200 (Security Operations Analyst), or equivalent is desirable.
• Cloud security certification in any, such as Microsoft AZ-500 (Azure Security Engineer), AWS Certified Security - Specialty, Google Professional Cloud Security Engineer, CCSP (Certified Cloud Security Professional), or equivalent is desirable.
• Certification in Digital forensics and incident response (e.g., GIAC GCFA) is desirable.
• Certification in Application and software security (e.g. CASE, OSWE) is desirable.
• Fluency in written and spoken English is required.
• Fluency in or working knowledge of other United Nations language(s)) is desirable.

Experience

• Doctorate: at least 3 years of relevant professional experience
• Professional experience as a systems and/or security engineer in an Enterprise ICT enterprise environment, of which three (3) years of hands-on experience in configuration, administration, and troubleshooting in cybersecurity and ICT Infrastructure contexts is required.
• Hands-on experience with cloud security operations, including cloud security posture management (CSPM), identity and access monitoring, and remediation of misconfigurations in enterprise or hybrid environments, is required.
• Experience with standard operational procedure development, implementation, and compliance is required.
• Hands-on experience with security protection systems, tools and techniques (e.g., firewalls, proxies) is required.
• Hands-on experience in security monitoring, threat detection, incident response operations, and vulnerability management is required.
• Experience with security operations technologies, including Security Information and Event Management (SIEM), Security Operations Center (SOC) platforms, endpoint detection and response (EDR), intrusion prevention systems (IPS), web application firewalls (WAF), and email security systems, is required.
• Hands-on experience with application security operations, including vulnerability scanning and use of SAST/DAST tools, is required.
• Experience in contracting and overseeing service delivery of Managed Security Service Providers (MSSP) is desirable.
• Experience in information security forensics (concepts and tools) is desirable.
• Experience with ISO 27001 with relevant certifications is desirable.

What we offer