Cybersecurity Operations Officer (Incident Response and Malware Analysis)

  • Contractor
  • Italy
  • $83,756 USD / Year

International Computing Centre

Italy

The UNICC workforce consists of many diverse nationalities, cultures, languages, and opinions. UNICC seeks to sustain and strengthen this diversity by ensuring equal opportunity and an inclusive working environment for its entire workforce. Applications are encouraged from all qualified candidates without distinction on grounds of race, ethnicity, sex, national origin, age, religion, disability, sexual orientation and gender identity.

Purpose of the Position:

Provide front line support to UNICC Partners in the area of information/cyber security, risk management consulting, and security operations activities

Objectives of the Programme:

The objective of the Centre is to provide trusted ICT services and digital business solutions to its Clients and Partner Organizations.

Main duties and responsibilities:

The incumbent will work under the direct supervision and guidance of the Head of Cybersecurity Operations (CSO) within the Cybersecurity Division (CS). The incumbent could be requested to do any other tasks of similar level
in related fields.

The incumbent will perform the following duties:

  • Conduct cybersecurity architecture review of new or existing technical solutions and propose recommendations for improvement and enhancing security posture
  • Support the development and implementation of KPIs to measure the effectiveness of cybersecurity operations capabilities
  • Prepare and lead presentations on cybersecurity related topics as well as technical reports for various audiences, presenting findings or investigation outputs in a clear and concise manner
  • Contribute to the development of policies, security standards and procedures for a variety of security technologies and related controls
  • Collaborate with relevant information security professionals and team members to perform threat and anomaly detection, analytics and hunting, digital forensics, in collaboration with a team of information security
    professionals
  • Perform malware reverse engineering
  • Investigate cyber security events escalated from Level I & Il Analysts and Clients, assessing security risk and recommending appropriate mitigation strategies
  • Under the guidance of the Head, CSO, develop and fine tune SIEM use cases and response processes/procedures
  • Align SIEM/SOC use cases with business requirements using risk-based approach
  • Conduct forensic analysis of events, images, packets and other digital Evidence to identify root causes and support incident response efforts
  • Coordinate the activities of Incident Response and Malware Analysis team members, as and when required to ensure efficient and effective response to security incidents
  • Act on and monitor security incident response and remediation efforts, providing timely updates and recommendations for improvement
  • Other: Provide ad hoc support either within the Unit or other units as required — this includes the participation in special projects or support to service delivery for short period of time on a part-time or full-time basis upon request from the senior management

Recruitment Profile

Experience and Skills required:

  • A minimum of five (5) years of relevant experience in information technology, including in conducting or coordinating cyber security incident response activities
  • Strong understanding of SIEM technologies and experience in developing and fine-tuning SIEM use cases
  • Proficiency in malware reverse engineering techniques and tools
  • Proven experience in reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs)
  • Strong expertise in scripting languages such as Python, PowerShell, or Bash for automation purposes
  • Knowledge of Mobile Forensics

Desirable:

  • Experience with digital investigation products like Encase or FTK
  • Knowledge of static and dynamic code analysis on x86
  • Strong programming skills in C/C++/.Net/Java

Education*:

Essential:

  • First university level degree in Computer Science or related field
  • At least one of the following technical certifications: CMS, CISSP, CISM, CISA, CSTA, CSTP, GCFE, OSCP, GCIH, GCIA, GPEN or other GIAC/similar certifications

Desirable:

  • Advanced university degree in Management Information Systems, Computer Science, or Computer Engineering or similar

Languages:

Essential:

  • English: Expert knowledge is required
  • French: Beginner knowledge is desirable

Global Competencies:

  • Teamwork: Develops and promotes effective relationships with colleagues and team members. Deals constructively with conflicts.
  • Communicating: Expresses oneself clearly in conversations and interactions with others; listens actively. Produces effective written communications. Ensures that information is shared.
  • Respecting and promoting individual and cultural differences: Demonstrates the ability to work constructively with people of all backgrounds and orientations. Respects differences and ensures that all can contribute.
  • Creating an empowering and motivating environment Guides and motivates staff towards meeting challenges and achieving objectives. Promotes ownership and responsibility for desired outcomes at all levels.
  • Moving forward in a changing environment: Is open to and proposes new approaches and ideas. Adapts and responds positively to change.
  • Setting an example: Acts within UNICC’s / WHO’s professional, ethical and legal boundaries and encourages others to adhere to these. Behaves consistently in accordance with clear personal ethics and values.
  • Building and promoting partnerships across the Organization and beyond: Develops and strengthens internal and external partnerships that can provide information, assistance and support to UNICC. Identifies and uses synergies across the Organization and with external partners.

Other Information

Compensation:

Annual Salary Estimation (net of tax at single rate):

  • Rome (Italy), including post adjustment (33,6% on March 2024): US$ 83,756.

UNICC also offers generous leave and absence allowances, flexible working hours, overtime compensation, teleworking, access to training, and depending on eligibility other benefits such as relocation grant, dependency allowance, language allowance, or education grant.

Closing date for applications:

Applications will be accepted until midnight (Geneva Time) on 17 April 2024.

Notes:

  • Technical and/or personality tests may be carried out as part of the selection process
  • Only short-listed candidates will be contacted
  • Though you may not be selected for this advertised position, the UNICC will keep your application in a roster if your profile is deemed to be of potential interest for the Centre. You may thus be solicited by our HR department to participate in an interview for another position

* For UNICC staff members who do not meet the minimum educational qualifications, please refer to the applicable WHO e-Manual Annex 6 – Guidelines on Standard Minimum Experience Exposure and Education Requirements

Please inform us should you require any specific accommodation to facilitate your application

The UNICC workforce consists of many diverse nationalities, cultures, languages, and opinions. UNICC seeks to sustain and strengthen this diversity by ensuring equal opportunity and an inclusive working environment for its entire workforce. Applications are encouraged from all qualified candidates without distinction on grounds of race, ethnicity, sex, national origin, age, religion, disability, sexual orientation and gender identity.

For applications to be valid, they must contain a motivation letter and the filled Personal History Form.

How to apply

Apply Here: https://bit.ly/3xsfd6t


Deadline: 17-Apr-24