The UNICC workforce consists of many diverse nationalities, cultures, languages, and opinions. UNICC seeks to sustain and strengthen this diversity by ensuring equal opportunity and an inclusive working environment for its entire workforce. Applications are encouraged from all qualified candidates without distinction on grounds of race, ethnicity, sex, national origin, age, religion, disability, sexual orientation and gender identity.

Purpose of the Position:

The Cybersecurity Operations Officer (Cyber Threat Intelligence Lead) will be responsible for assisting the in delivery of the Cybersecurity Operations services and projects aligned with the strategy and roadmap. This role requires a strong foundation in technical knowledge (especially related to Cyber Threat Intelligence) but also an ability to communicate complex security topics to a non-technical audience and work collaboratively across diverse teams.

Objectives of the Programme:

The objective of the Centre is to provide trusted ICT services and digital business solutions to its Clients and Partner Organizations.

Main duties and responsibilities:

The incumbent will work under the direct supervision and guidance of the Chief, Cybersecurity Operations (CSO) within the Cybersecurity Division (CS) and will be in constant collaboration with other CSO teams. The incumbent will be responsible for:

• Under guidance, oversee the collection and analysis of Cyber Threat Intelligence from diverse sources, ensuring timely and actionable insights
• Conduct analysis of cyber threats, focusing on Tactics, Techniques, and Procedures (TTPs) to recommend and implement enhanced detection and response strategies
• Contribute to Cyber Threat Intelligence efforts to strengthen the organization’s response to security incidents and improve SOC performance
• Following the Section’s best practices, oversee a team of Cyber Threat Intelligence specialists
• Provide mentorship and guidance to other Cyber Threat Intelligence specialists, fostering a culture of continuous learning and excellence
• Manage and fine-tune Cyber Threat Intelligence tools, ensuring optimal performance and relevance
• Implement automation solutions to streamline Cyber Threat Intelligence processes, increasing efficiency and effectiveness
• Prepare Cyber Threat Intelligence reports and briefings, tailored to a diverse audience
• Suggest and implement customized threat detection rules and use cases, boosting the organization’s ability to detect and respond to threats
• In collaboration with relevant team members, analyse security-related data to produce reports that illustrate the organization’s security posture and support specialized security assessments
• Under guidance, establish and deliver key performance indicators to measure and optimize the effectiveness of the Cyber Threat Intelligence team
• Collaborate in technical presales activities for Cybersecurity Operations, providing expert insights and support
• Other: Provide other ad hoc support either within the team or in other teams as required – this includes the participation in special projects or support to service delivery for short period of time on a part-time or full-time basis upon request from the senior management

Experience and Skills required:

Essential: 

• A minimum of five (5) years of experience in Cybersecurity Operations
• Experience in a Cyber Threat Intelligence, including methodologies and frameworks
• Proficiency in various cybersecurity technologies related to SIEM, Microsoft Operating Systems, Network Security Concepts, EDR solutions, Vulnerability Management, Identity and Access Management, Cloud environments
• Experience with Cyber Threat Intelligence tools (e.g. MISP, etc)
• Experience in performing OSINT investigations
• Experience in optimization of Cyber Threat Intelligence process or workflow

Desirable:

• Experience in Security Operations Center (SOC) or as Security Incident Responder coordinator
• Experience in Cyber Threat Intelligence platform and tools
• Experience with UN entities

Education*:

Essential: 

• First university degree in Computer Science, Engineering, Information Systems
• At least one of the following technical certifications: CMS, CISSP, CISM, CISA, CSTA, CSTP, GCFE, GDAT, Crowdstrike, Microsoft Security Operations Analyst Associate, OSCP, GCIH, GCIA, GPEN, or other GIAC/similar certifications

Desirable: 

• Advanced university degree in Computer Science, Engineering, or Cyber Security
• Ability to manage multiple priorities

Languages:

• English: Expert knowledge is required
• Knowledge of other UN official working language is an asset

Global Competencies:

• Teamwork: Develops and promotes effective relationships with colleagues and team members. Deals constructively with conflicts.
• Communicating: Expresses oneself clearly in conversations and interactions with others; listens actively. Produces effective written communications. Ensures that information is shared.
• Respecting and promoting individual and cultural differences: Demonstrates the ability to work constructively with people of all backgrounds and orientations. Respects differences and ensures that all can contribute.
• Knowing and managing yourself: Manages ambiguity and pressure in a self-reflective way. Uses criticism as a development opportunity. Seeks opportunities for continuous learning and professional growth.
• Producing results: Produces and delivers quality results. Is action oriented and committed to achieving outcomes.
• Moving forward in a changing environment: Is open to and proposes new approaches and ideas. Adapts and responds positively to change.

Compensation:

Annual Salary Estimation (net of tax at single rate):

• Brindisi (Italy), including post adjustment (29,9% on August 2024): US$ 83,293.
• New York (USA), including post adjustment (88,4 % on August 2024): US$ 120,803.
• Valencia (Spain), including post adjustment (36,8% on August 2024 ): US$ 87,717.

UNICC also offers generous leave and absence allowances, flexible working hours, overtime compensation, teleworking, access to training, and depending on eligibility other benefits such as relocation grant, dependency allowance, language allowance, or education grant.

Closing date for applications:

Applications will be accepted until midnight (Geneva Time) on 10 October 2024.

Notes:

• Technical and/or personality tests may be carried out as part of the selection process
• Only short-listed candidates will be contacted
• Though you may not be selected for this advertised position, the UNICC will keep your application in a roster if your profile is deemed to be of potential interest for the Centre. You may thus be solicited by our HR department to participate in an interview for another position

* For UNICC staff members who do not meet the minimum educational qualifications, please refer to the applicable WHO e-Manual Annex 6 – Guidelines on Standard Minimum Experience Exposure and Education Requirements

Please inform us should you require any specific accommodation to facilitate your application

The UNICC workforce consists of many diverse nationalities, cultures, languages, and opinions. UNICC seeks to sustain and strengthen this diversity by ensuring equal opportunity and an inclusive working environment for its entire workforce. Applications are encouraged from all qualified candidates without distinction on grounds of race, ethnicity, sex, national origin, age, religion, disability, sexual orientation and gender identity.

For applications to be valid, they must contain a motivation letter and the filled Personal History Form.