Application deadline: 18 March 2024

Duty station: Valencia, Spain

Contract level: G5

Functional responsibilities

Under the overall supervision of the UNOPS Senior Programme Manager, this position is located in the United Nations Information and Communications Technology Facility (UNICTF) in Valencia, Spain. The incumbent and will work under the guidance of Chief of Cyber Security Service (CSS) and direct supervision of ICT Senior Manager- ICT Security.

With the delegated authority, the ICT Senior Assistant – Cybersecurity key functions are:

Summary of Key Functions:

1. Security monitoring and Threat detection
2. Incident Response
3. Threat intelligence and Tooling

Details of Duties:

1. Security monitoring and Threat detection:

• Performs continuous monitoring and revision of security events.
• Supports in analyzing alerts and correlates events from multiple data sources and tools.
• Participates and contributes to threat hunting campaigns proactively searching for anomalies and evidence of compromise across the Secretariat.
• Assists in developing and fine-tuning detection rules, aligning use cases with the business and organizational requirements.
• Supports in developing advanced detection and mitigation strategies against persistent threats and threat actors.

2.Incident Response

• Participates and contributes to the Secretariat’s global incident response team.
• Responds to information security incidents and provides assistance during the entire lifecycle of the incidents. Analyses root causes of the security incidents and proposes preventive controls and mitigations.
• Assists in the coordination of escalation, response, and remediation efforts liaising with local IT focal points, and operational teams to ensure timely resolution of security incidents and implementation of the required countermeasures.
• Contributes to and performs digital forensic analyses.
• Supports in the creation and improves incident response playbooks, processes, and procedures.
• Contributes to the formulation of the policy and other supporting documents including procedures and guidelines.

3.Threat intelligence and Tooling

• Contributes to the cyber threat intelligence program through the collection, correlation and analysis of events and threat information from various sources to identify artefacts and patterns of suspicious activities, and methods used by adversaries.
• Tracks and monitors threat actors relevant to the organization.
• Performs research of innovative and effective information security technology solutions, their configuration and integration into the organization’s existing ICT landscape.
• Contributes to the maintenance of internal security tools and related infrastructure.
• Assists in the development and improvement of internal tools, integrations, and automation of processes.

4. Performs other duties as may be reasonably required and in line with the incumbent’s scope of services above.
Impact of results:

The ICT Senior Assistant – Cybersecurity to deliver a threat and incident management that will improve threat detection and implementation of timely and adequate responses to security incidents to globally distributed operational ICT environments faced with heightened threat and increased volume and level of sophistication of targeted cyberattacks.

Education/Experience/Language requirements

*FEMALE CANDIDATES ARE STRONGLY ENCOURAGED TO APPLY*
*CANDIDATES WITH NO UNITED NATIONS OR UNOPS EXPERIENCE ARE STRONGLY ENCOURAGED TO APPLY*
Education:

• Completion of Secondary education is required.
• University degree or professional diploma from a recognized institution preferably in computer science, information systems, information security or related field may substitute for some of the required years of experience.

Desirable:

• Certifications in Information Security (such as certifications issued by organizations including ISC2, GIAC, ISACA, and Offensive Security) are an advantage.

Experience:

Required experience:

• A minimum of five (5) years of practical experience in information security and/or incident response and threat management is required.

Desirable:

• Experience as a SOC analyst and/or demonstrable knowledge in SIEM products and technologies.
• Experience in Cyberthreat Intelligence, Incident Response and Threat Hunting.
• Experience in general-purpose scripting languages (e.g. Python, Bash, PowerShell, etc.).

Language Requirements:

• Fluency in English and Spanish (read, write, speak) is required.
• Knowledge of another United Nations official language is an asset.