Position Title: Associate Cybersecurity Operations Officer (Incident Response)
Position Type: Temporary - 12 months
Number of Positions: 1
Date of Issue: 06/09/2024
Date of Closing: 25/09/2024
Grade: P2
Duty Station: Brindisi, (Italy); Valencia, (Spain); New York, (USA)
Organizational Location/Unit: Cybersecurity Operations Unit (CSO)
Position DescriptionPurpose of the Position: Provide frontline support to UNICC Partners in the area of information/cyber security, risk management consulting, and security operations activities.
Objectives of the Programme: The objective of the Centre is to provide trusted ICT services and digital business solutions to its Clients and Partner Organizations.
Main duties and responsibilities: Under guidance, develop and build Automation scripts to perform Threat Hunting and Cyber Threat Intelligence (CTI) enrichment.Enhance Cyber Threat Intelligence following Security Incidents to continuously improve our defenses.Collaborate with relevant team members to perform threat and anomaly detection, analytics, and digital Forensics investigations.Investigate cybersecurity events escalated from Level I & II Analysts and Clients, providing analysis and recommendations.Under guidance of the Cybersecurity Operations Officer, develop and refine SIEM use cases and response processes/procedures.Align SIEM/SOC use cases with business requirements using a risk-based approach to ensure optimal security posture.Conduct forensic analysis of events, images, packets, and other digital evidence to uncover root causes and identify mitigation strategies.Act on and monitor security incident response and remediation efforts, ensuring effective resolution.Perform malware reverse engineering to identify and mitigate threats proactively.Provide ad hoc support either within the Unit or other units as required — this includes participation in special projects or support to service delivery for a short period of time on a part-time or full-time basis upon request from senior management.Recruitment ProfileExperience and Skills required: A minimum of two (2) years of relevant experience in Information Technology, including in conducting or coordinating cybersecurity incident response activities.Proven experience in reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs).Demonstrated experience in scripting languages such as Python, PowerShell, or Bash for automation purposes.Strong knowledge of AWS and/or Active Directory.Knowledge of static and dynamic code analysis on x86.Education: First university degree in Computer Science or related field.At least one of the following technical certifications: GCFE, OSCP, GCIH, GCIA, GPEN, or other GIAC/similar certifications.Advanced university degree in Management Information Systems, Computer Science, Computer Engineering, or similar.Languages: English: Expert knowledge is required.Spanish, Russian, or Arabic: Beginner knowledge is desirable.Other InformationCompensation: Annual Salary Estimation (net of tax at single rate):
Brindisi (Italy), including post adjustment (29.9% on September 2024): US$ 65,439.New York (USA), including post adjustment (88.4% on September 2024): US$ 94,910.UNICC also offers generous leave and absence allowances, flexible working hours, overtime compensation, teleworking, access to training, and depending on eligibility, other benefits such as relocation grant, dependency allowance, language allowance, or education grant.
Closing date for applications: Applications will be accepted until midnight (Geneva Time) on 25 September 2024.
Notes: Technical and/or personality tests may be carried out as part of the selection process.Only short-listed candidates will be contacted.Though you may not be selected for this advertised position, the UNICC will keep your application in a roster if your profile is deemed to be of potential interest for the Centre. You may thus be solicited by our HR department to participate in an interview for another position.Please inform us should you require any specific accommodation to facilitate your application.
For applications to be valid, they must contain a motivation letter and the filled Personal History Form. Apply Online
#J-18808-Ljbffr