Information Security Specialist (SOC Manager)

12 March, 2019

Position Summary

Job Category: Vacancy
Vacancy Notice Number: ICC-19-VAL-656
Position Title: Information Security Specialist (SOC Manager)
Position Type: Fixed Term
Number of Positions: 1
Date of Issue: 12/03/2019
Date of Closing: 31/03/2019
Grade: P3
Annual Salary Estimation: USD 77,640 (net, single rate, including post adjustment)
Duty Station: Valencia, Spain
Organizational Location/Unit: Information Security Services
Note: Applications from women are particularly encouraged for this vacancy

Position Description

Are you an experienced Information Security Specialist with the ability to work autonomously to develop, implement, and monitor Information Security initiatives? Would you like to work for a number of prestigious clients from the United Nations system and other IOs, while being involved in a stimulating international environment? Then join the United Nations International Computing Center (UNICC) in our Geneva or New York office, and help address security challenges.

Purpose of the Position:

Manage, Maintain, Develop and Grow ICC’s Common Security Operations Centre.

Objectives of the Programme:

The objectives of the Centre, as stated by its mandate, are to provide information and communication technology (ICT) services (including training) on an inter-organizational basis.

Main duties and responsibilities:

The incumbent will work under the guidance and supervision of the Head of CPI and in close collaboration with the CPI team. S/he will perform the following duties:

  • Lead and manage Security Operations Center
  • Primarily responsible for security event monitoring, management and response
  • Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
  • Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives
  • Revise and develop processes to strengthen the current Security Operations Framework, review policies and highlight the challenges in managing SLAs
  • Responsible for team & vendor management, overall use of resources and initiation of corrective action where required for Security Operations Center
  • Play a significant role in the development of the future roadmap of the SOC
  • Perform threat management, threat modelling, identify threat vectors and develop use cases for security monitoring
  • Responsible for integration of standard and non-standard logs in SIEM
  • Creation of reports, dashboards, metrics for SOC operations.
  • Support other information security services provided by ICC
  • Perform other duties as required.

Recruitment Profile

Experience and Skills required:

Essential

  • Five years' experience in managing a Security Operations Centre, and excellent knowledge of SOC operations
  • Two years' experience in leading security incident response and remediation operations
  • Five years of experience in two or more of the following fields is essential:
    • System administration
    • Network administration
    • Software development
    • Managing cloud-based infrastructure (like Azure, AWS etc)
    • Implementing and designing Microsoft Active Directory services
  • Excellent knowledge of incident response procedures and techniques
  • Expert knowledge of SIEM tools like Splunk, QRadar, ArcSight, ELK, including developing queries, data models and dashboards
  • Expert level knowledge of:
    • TCP/IP stack
    • Intrusion detection and prevention methods
    • Web application and cloud computing architectures
    • Structured risk assessment methodologies
  • In-depth knowledge of Windows or Linux operating systems — management, architecture, networking environments, security models and controls.
  • Excellent written & verbal communication skills
  • Excellent people management, inter-personal, and teamwork skills
  • Excellent conflict resolution skills
  • Excellent problem solving skills

Desirable

  • Experience with digital investigation products like Encase or FTK
  • Experience in one of the following fields: Digital investigations, Malware reverse engineering, File system forensics, Memory forensics, Network forensics, Web application testing, or Vulnerability management
  • Knowledge and experience in threat hunting
  • Project management skills and ability to manage multiple projects under strict timelines
  • A working knowledge of business management in international and/or not-for-profit environments
  • Understanding of most of the following common security compliance frameworks, controls, and best practices: (SSAE 16 – SOC 2 and 3), OWASP Top 10, SANS, NIST.

Education:

Essential

  • Bachelor’s equivalent university degree in computer sciences or related area
  • At least one of the following technical certifications: CISSP, CISM, CISA, CSTA, CSTP, GCFE, OSCP, GCIH, GCIA, GCFA, or GPEN or similar certifications

Desirable

  • Master’s degree in Management Information Systems, Computer Science, or Computer Engineering or similar
  • Industry certifications like CISSP, OSCP/E, CPP, ISO 27001 Lead Implementer, ISO 27001 lead auditor, cloud security certifications like CCSP
  • Project Management qualification, such as PRINCE2
  • Service management qualification, such as ITIL

Languages:

  • Expert knowledge of English is required
  • Working knowledge of Spanish is desirable

ICC Global Competencies:

  • Producing results: Produces and delivers quality results. Is action oriented and committed to achieving outcomes.
  • Communicating in a credible and effective way: Expresses oneself clearly in conversations and interactions with others; listens actively. Produces effective written communications. Ensures that information is shared.
  • Moving forward in a changing environment: Is open to and proposes new approaches and ideas. Adapts and responds positively to change.
  • Fostering integration and teamwork: Develops and promotes effective relationships with colleagues and team members. Deals constructively with conflicts.
  • Building and promoting partnerships across the organization and beyond: Develops and strengthens internal and external partnerships that can provide information, assistance and support to ICC. Identifies and uses synergies across the Organization and with external partners.

Other Information

Compensation:

Annual Salary Estimation (net of tax at single rate), including post adjustment (28.9% on March 2019): US$ 77,640

UNICC also offers generous leave and absence allowances, flexible working hours, overtime compensation, teleworking, access to training, and depending on eligibility other benefits such as relocation grant, dependency allowance, language allowance, or education grant.

Closing date for applications:

Applications will be accepted until midnight (Geneva Time) on 31 March 2019.

Notes:
Technical and/or personality tests may be carried out as part of the selection process
Only short-listed candidates will be contacted
Though you may not be selected for this advertised position, the ICC will keep your application in a roster if your profile is deemed to be of potential interest for the Centre. You may thus be solicited by our HR department to participate in an interview for another position
