Associate Cybersecurity Analyst

20 July 2023

Position Summary

Job Category: Vacancy
Vacancy Notice Number: ICC/23/ROM/2
Position Title: Associate Cybersecurity Analyst
Position Type: Fixed term
Number of Positions: 1
Date of Issue: 20/07/2023
Date of Closing: 03/08/2023
Grade: P2
Annual Salary Estimation: USD 66,985 (net, single rate, including post adjustment)
Duty Station: Rome, Italy
Organizational Location/Unit: Cybersecurity Operations Unit (CSO)

Position Description

The UNICC workforce consists of many diverse nationalities, cultures, languages, and opinions. UNICC seeks to sustain and strengthen this diversity by ensuring equal opportunity and an inclusive working environment for its entire workforce. Applications are encouraged from all qualified candidates without distinction on grounds of race, ethnicity, sex, national origin, age, religion, disability, sexual orientation and gender identity.

Purpose of the Position:

Within the Cybersecurity Division, the incumbent will support the design, architecture, installation and management of cSOC technologies such as Security Information and Event Management (SIEM), Malware Information Sharing Platform (MISP), malware sandbox and threat hunting tools, together with the supporting infrastructure, including but not limited to implementing new use cases, troubleshooting and optimization.

Objectives of the Programme:

The objective of the Centre is to provide trusted ICT services and digital business solutions to its Clients and Partner Organizations.

Main duties and responsibilities:

The incumbent will work under the direct supervision and guidance of the Head, Cybersecurity Operations Unit (CSO) within the Cybersecurity Division (CS) and in close collaboration with other cybersecurity teams. The incumbent could be requested to do any other tasks of a similar level in related fields. The incumbent will provide support on the following duties:

  • Maintain and troubleshoot the CSOC infrastructure, regular maintenance and access controls management
  • Support the technical onboarding of new clients on the CSOC technologies
  • Support onboarding and maintenance of a wide variety of data sources to include various OS, appliances, applications and cloud logs
  • Contribute to translating customer requirements into SIEM technical implementations
  • Identify and analyze any issues as they arise with SIEM data ingestion, and propose solutions for remediation
  • Maintain and customize scripts for manipulation of multiple data sources to support customer monitoring requirements
  • Under guidance, coordinate SIEM-related changes with clients and internal teams
  • Support Security Incidents when required
  • Other: Provide other ad hoc support either within the team or in other teams as required – this includes the participation in special projects or support to service delivery for short period of time on a part-time or full time basis upon request from the senior management

Recruitment Profile

Experience and Skills required:

Essential:

  • At least two (2) years of experience integrating network security/system security related events within security incident event management tools (SIEMs)
  • Demonstrated knowledge of SIEM tools such as Splunk or ELK
  • Good understanding of SIEM concepts such as correlation, aggregation, normalization, and parsing
  • Experience or exposure in one of the following fields is desirable:
  • Contributing to security incident response activities
  • Reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs)
  • Good understanding of Cyber Security Operations
  • Knowledge of management of cloud-based infrastructure (e.g. Azure, AWS)
  • Linux Administration skills

Desirable:

  • Experience in one or more of the following fields is desirable:
    • System administration
    • Network administration
    • Software development
    • Managing cloud based infrastructure (like Azure, AWS etc)
    • Using Microsoft Active Directory services
  • Expert knowledge of at least one of the following EDR solutions (e.g. Windows Defender ATP, Crowdstrike, RedCloak or Sentinel One)

Education*:

Essential:

  • First university degree in Computer Science or related area

Desirable:

  • Specific cybersecurity certifications, such as CISSP, CISA, Splunk Enterprise Data Administrator, Splunk Enterprise System Administration, Splunk Fundamentals 1 or 2
  • Industry certifications like OSCP/E, CPP, ISO 27001 Lead Implementer, ISO 27001 lead auditor, cloud security certifications like CCSP

Languages:

  • English: Expert knowledge is required

UNICC Global Competencies:

  • Teamwork: Develops and promotes effective relationships with colleagues and team members. Deals constructively with conflicts.
  • Communicating: Expresses oneself clearly in conversations and interactions with others; listens actively. Produces effective written communications. Ensures that information is shared.
  • Respecting and promoting individual and cultural differences: Demonstrates the ability to work constructively with people of all backgrounds and orientations. Respects differences and ensures that all can contribute.
  • Knowing and managing yourself: Manages ambiguity and pressure in a self-reflective way. Uses criticism as a development opportunity. Seeks opportunities for continuous learning and professional growth.
  • Producing results: Produces and delivers quality results. Is action oriented and committed to achieving outcomes.

Other Information

Eligibility:

This vacancy notice is open only to internal candidates

Compensation:

Annual Salary Estimation (net of tax at single rate):

Rome, (Italy) including post adjustment (36% on July 2023): US$ 66,985

UNICC also offers generous leave and absence allowances, flexible working hours, overtime compensation, teleworking, access to training, and depending on eligibility other benefits such as relocation grant, dependency allowance, language allowance, or education grant.

Closing date for applications:

Applications will be accepted until midnight (Geneva Time) on 03 August 2023.

Notes:

Technical and/or personality tests may be carried out as part of the selection process
Only short-listed candidates will be contacted
Though you may not be selected for this advertised position, the UNICC will keep your application in a roster if your profile is deemed to be of potential interest for the Centre. You may thus be solicited by our HR department to participate in an interview for another position

* For UNICC staff members who do not meet the minimum educational qualifications, please refer to the applicable WHO e-Manual Annex 6 – Guidelines on Standard Minimum Experience Exposure and Education Requirements
