Information Security Administrator – Brindisi

Position Summary

Job Category: Vacancy
Vacancy Notice Number: ICC-19-BSI-21
Position Title: Information Security Administrator
Position Type: Fixed Term
Number of Positions: 1
Date of Issue: 10/04/2019
Date of Closing: 05/05/2019
Grade: G5
Annual Salary Estimation: EUR 30,419 (net, single rate)
Duty Station: Brindisi, Italy
Organizational Location/Unit: Information Security Services
Note: Applications from women are particularly encouraged for this vacancy

Position Description

Are you a motivated Information Security Administrator with experience in investigating alerts, anomalies, intrusions and malware? Do you want to be part of a dynamic multicultural team of IT security experts and work for a number of prestigious clients from the United Nations system and other IOs? Then join the United Nations International Computing Centre (UNICC) in our Brindisi office, and contribute to addressing security challenges.

Objectives of the Programme:

The objectives of the Centre, as stated by its mandate, are to provide information and communication technology (ICT) services (including training) on an inter-organizational basis.

Main duties and responsibilities:

Under the close supervision of the Head, Information Security Services, and in close collaboration with the Information Security Services team members, the post holder will perform information security assessments on ICC and partner infrastructure, comparing them to industry best practices such as CIS Benchmarks, NIST guidelines, etc. More specifically, s/he will:

  • Be part of a team of security operations professionals investigating alerts, anomalies, errors, intrusions, malware, etc., with the aim of identifying those responsible, determining remediation, and recommending security improvements;
  • Review security events that are populated in a Security Information and Event Management (SIEM) system;
  • Monitor and investigate a variety of network and host-based security appliance logs preconfigured on SOC dashboards (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident;
  • Follow precise analytical procedures to help determine the nature and scope of problems being reported by tools, e-mails, alerts, etc.;
  • Document all activities related to an incident and provide status updates during the life cycle of the incident;
  • Run vulnerability scans and review vulnerability assessment reports; manage and configure security monitoring tools;
  • Open tickets and assign them to Tier II or Tier III common SOC analysts after eliminating false positives;
  • Work in a 24×7 Security Operation Centre (SOC) environment;
  • Perform other duties as assigned.

Recruitment Profile

Experience and Skills required:

Essential

  • 5 years of relevant experience in administration/support of one of the following services or technologies:
    • Active Directory Services
    • Perimeter network infrastructure (IPS/IDS/Firewalls)
    • Operating systems (Windows 2008, Windows 2012, Windows 10, Linux, Apple iOS)
    • Exchange/Domino/Email services
    • Active Directory Federation Services
    • Endpoint protection tools
    • SIEM/log management solutions
  • Knowledge of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols
  • Knowledge of SIEM tools like Splunk, QRadar, ArcSight, NetWitness. Ability to develop queries, data models and dashboards
  • Knowledge of email security, network monitoring, and incident response
  • Knowledge of Linux/Mac/Windows Operating Systems
  • Excellent communication skills

Desirable

  • Experience in vulnerability management and security incident response activities
  • Experience on an Incident Response team performing Tier I/II initial incident management.
  • Programming skills (Python, Ruby, PHP, C, C#, Java, Perl, and more)
  • Knowledge of security controls in line with CIS benchmarks, NIST guidelines or other best practices
  • Moderate knowledge of security related technologies and their functions (IDS, IPS, EDR, IRP, FW, WAF, SIEM, etc.)

Education:

Essential

  • Graduation from secondary school supplemented by specialized training in IT
  • Any of the following certifications: GCIH, CEH, GCFA or any SANS certification or training

Desirable

  • CISSP
  • ITIL

Languages:

  • Expert knowledge of English is required;
  • Knowledge of another UN language is desirable.

Other Information

Eligibility:

This position is subject to local recruitment pursuant to staff rule 4.4 of the United Nations Staff Rules. All staff in the General Service and related categories shall be recruited in the country or within commuting distance of each office, irrespective of their nationality and of the length of time they may have been in the country. A staff member subject to local recruitment shall not be eligible for the allowances or benefits exclusively applicable to international recruitment.

Compensation:

Annual Salary Estimation (net of tax at single rate): EUR 30,419.

UNICC also offers generous leave and absence allowances, flexible working hours, overtime compensation, teleworking, access to training, and depending on eligibility other benefits such as relocation grant, dependency allowance, language allowance, or education grant.

Closing date for applications:

Applications will be accepted until midnight (Geneva Time) on 5 May 2019.

Notes:

  • Technical and/or personality tests may be carried out as part of the selection process
  • Only short-listed candidates will be contacted
  • Though you may not be selected for this advertised position, the ICC will keep your application in a roster if your profile is deemed to be of potential interest for the Centre. You may thus be solicited by our HR department to participate in an interview for another position
