Purpose of the Position: The purpose of this position is to provide support to UNICC's partners, support Cybersecurity Operations activities in collaboration with UNICC's team of information and cybersecurity professionals who collaborate with IT professionals from multiple UN agencies and International Organizations.
Objectives of the Programme: The objective of the Centre is to provide trusted ICT services and digital business solutions to its Clients and Partner Organizations.
Main Duties and ResponsibilitiesThe incumbent will work under the direct supervision and guidance of the Head, Cybersecurity Operations (CSO) within the Cybersecurity Division (CS) and in close collaboration with the CSO teams.
The incumbent will perform the following duties:
Perform relevant actionable intelligence analysis on current cyber threats, including analysis of security alerts and incident response reports.Identify and report on relevant cyber threat information from security operations monitoring teams.Perform analysis and interpretation of data and potential threats using various intelligence gathering and reporting tools and frameworks.Collaborate with different cybersecurity teams (SOC, CTI, IR) to provide contextual visibility for ongoing investigations and serve as an escalation point from security analysts.Assist in the research and analysis of different cyber threats relevant for UNICC and its UN partner organizations.Propose optimization and automation strategies for processes involved in collecting and disseminating information across technical controls (SIEM, EDR, NDR).Coordinate technical team members analyzing and delivering cyber threat information under guidelines provided by the Head, CSO.Communicate findings and recommendations to stakeholders in close collaboration with the relevant team members and under guidance of the Head, CSO.Provide other ad hoc support either within your team or in other teams as required, including participation in special projects or support to service delivery for short periods of time upon request from senior management.Recruitment ProfileExperience and Skills RequiredEssential:
At least two (2) years of experience in Cybersecurity.Familiarity with various intelligence gathering and reporting tools and frameworks including proven experience in the following areas:Cybersecurity Incident ResponseSIEM technology (e.g. Splunk, Azure Sentinel, Elastic)MISP PlatformMITRE FrameworkOSINT FrameworkProgramming skills to integrate different internal systems with external sources and to automate the collection, management and dissemination of actionable intelligence.Strong analytical skills and the ability to interpret complex data and identify potential security risks.Proven track record of working effectively in a fast-paced environment.Desirable:
API integration experience.Python programming skills.Experience with running and investigating systems using multiple platforms, including Linux, Windows, MacOS, Android, iOS.Knowledge of security controls used for detection and defense (e.g. networking technologies such as firewalls, proxies, IDS/IPS and endpoint protection tools such as EDR and Antimalware solutions).Technical knowledge of malware, attack methodologies, cyber threats, defenses, motivations, techniques and methods.EducationEssential:
First university degree in Computer Science or Cybersecurity Area.Desirable:
Any of the following certifications: OSCP, GDAT, GCTI, GCFA, GCIH, GPEN, or GCIA.LanguagesEssential:
English: Expert knowledge is required.Other language: Spanish or Italian, Beginner knowledge is desirable.Global CompetenciesTeamwork: Develops and promotes effective relationships with colleagues and team members. Deals constructively with conflicts.Communicating: Expresses oneself clearly in conversations and interactions with others; listens actively. Produces effective written communications. Ensures that information is shared.Respecting and promoting individual and cultural differences: Demonstrates the ability to work constructively with people of all backgrounds and orientations. Respects differences and ensures that all can contribute.Creating an empowering and motivating environment: Guides and motivates staff towards meeting challenges and achieving objectives. Promotes ownership and responsibility for desired outcomes at all levels.Producing results: Produces and delivers quality results. Is action-oriented and committed to achieving outcomes.Moving forward in a changing environment: Is open to and proposes new approaches and ideas. Adapts and responds positively to change.Other InformationCompensation: Annual Salary Est.
#J-18808-Ljbffr