Purpose of the Position: The purpose of this position is to provide support to UNICC's partners and support Cybersecurity Operations activities in collaboration with UNICC's team of information and cybersecurity professionals who collaborate with IT professionals from multiple UN agencies and International Organizations.
Objectives of the Programme: The objective of the Centre is to provide trusted ICT services and digital business solutions to its Clients and Partner Organizations.
Main Duties and ResponsibilitiesThe incumbent will work under the direct supervision and guidance of the Head, Cybersecurity Operations (CSO) within the Cybersecurity Division (CS) and in close collaboration with the CSO teams.
The incumbent will perform the following duties:
Perform relevant actionable intelligence analysis on current cyber threats, including analysis of security alerts and incident response reports.Identify and report on relevant cyber threat information from security operations monitoring teams.Perform analysis and interpretation of data and potential threats using various intelligence gathering and reporting tools and frameworks.Collaborate with different cybersecurity teams (SOC, CTI, IR) to provide contextual visibility for ongoing investigations and serve as an escalation point from security analysts.Assist in the research and analysis of different cyber threats relevant for UNICC and its UN partner organizations.Propose optimization and automation strategies for processes involved in collecting and disseminating information across technical controls (SIEM, EDR, NDR).Coordinate technical team members analyzing and delivering cyber threat information under guidelines provided by the Head, CSO.Communicate findings and recommendations to stakeholders in close collaboration with the relevant team members and under guidance of the Head, CSO.Provide other ad hoc support either within your team or in other teams as required, including participation in special projects or support to service delivery for short periods of time upon request from senior management.Recruitment ProfileExperience and Skills Required Essential: At least two (2) years of experience in Cybersecurity.Familiarity with various intelligence gathering and reporting tools and frameworks including proven experience in the following areas:Cybersecurity Incident ResponseSIEM technology (e.g.
Splunk, Azure Sentinel, Elastic)MISP PlatformMITRE FrameworkOSINT FrameworkProgramming skills to integrate different internal systems with external sources and to automate the collection, management, and dissemination of actionable intelligence.Desirable: API integration experience.Python programming skills.Experience with running and investigating systems using multiple platforms, including Linux, Windows, MacOS, Android, iOS.
#J-18808-Ljbffr