Information Security Administrator (G5)
Are you a motivated Information Security Administrator with knowledge of Security Information and Event Management (SIEM) systems? Do you want to be part of a dynamic multicultural team of IT security experts and work for a number of prestigious clients from the United Nations system and other IOs? Then join the United Nations International Computing Centre (UNICC) in our New York office, and contribute to addressing security challenges.
Main duties and responsibilities:
Under the direct supervision and guidance of the Information Security Specialist (SOC Manager) in the CP Division, and in close collaboration with the Information Security Services team members, the post holder will perform information security assessments on ICC and partner infrastructure, comparing them to industry best practices like CIS Benchmarks, NIST guidelines, etc.
The post holder will more specifically:
- Be part of a team of security operations professionals investigating alerts, anomalies, errors, intrusions, malware, etc., with the aim of identifying those responsible, determining remediation, and recommending security improvements;
- Review security events that are populated in the Security Information and Event Management (SIEM) system;
- Monitor and investigate a variety of network and host-based security appliance logs preconfigured on SOC dashboards (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident;
- Follow precise analytical procedures to help determine the nature and scope of problems being reported by tools, e-mails, alerts, etc.;
- Document all activities related to an incident and provide status updates during the life cycle of the incident;
- Run vulnerability scans and review vulnerability assessment reports; manage and configure security monitoring tools;
- Open tickets and assign them to Tier II or Tier III common SOC analysts after eliminating false positives;
- Work in a 24x7 Security Operation Centre (SOC) environment;
- Perform other duties as assigned.
Experience and Skills required:
5 years of relevant experience in administration/support of one of the following services or technologies:
- Active Directory Services
- Perimeter network infrastructure (IPS/IDS/Firewalls)
- Operating systems (Windows 2008, Windows 2012, Windows 10, Linux, Apple iOS)
- Exchange /Domino/Email services
- Active Directory Federation Services
- Endpoint protection tools
- SIEM/log management solutions
Knowledge of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols
Knowledge of SIEM tools like Splunk, QRadar, ArcSight, NetWitness. Ability to develop queries, data models and dashboards
Knowledge of email security, network monitoring, and incident response
- Knowledge of Linux/Mac/Windows Operating Systems;
- Excellent communication skills
- Experience in vulnerability management and security incident response activities.
- Experience on an Incident Response team performing Tier I/II initial incident management.
- Programming skills (Python, Ruby, PHP, C, C#, Java, Perl, and more)
- Knowledge of security controls in line with CIS benchmarks, NIST guidelines or other best practices
- Moderate knowledge of security related technologies and their functions (IDS, IPS, EDR, IRP, FW, WAF, SIEM, etc.)
- Graduation from secondary school supplemented by specialized training in IT
- Any of the following certifications: GCIH, CEH, GCFA or any SANS certification or training
- Expert knowledge of English is required;
- Knowledge of another UN language is desirable.
This position is subject to local recruitment pursuant to staff rule 4.4 of the United Nations Staff Rules. All staff in the General Service and related categories shall be recruited in the country or within commuting distance of each office, irrespective of their nationality and of the length of time they may have been in the country. A staff member subject to local recruitment shall not be eligible for the allowances or benefits exclusively applicable to international recruitment.
Annual Salary Estimation (net of tax at single rate): USD 44,708.
UNICC also offers generous leave and absence allowances, flexible working hours, overtime compensation, teleworking, access to training, and depending on eligibility other benefits such as relocation grant, dependency allowance, language allowance, or education grant.
Closing date for applications:
Applications will be accepted until midnight (Geneva Time) on 26 May 2019.
- Technical and/or personality tests may be carried out as part of the selection process
- Only short-listed candidates will be contacted
- Though you may not be selected for this advertised position, the ICC will keep your application in a roster if your profile is deemed to be of potential interest for the Centre. You may thus be solicited by our HR department to participate in an interview for another position
Applications from women are particularly encouraged for this vacancy
Please apply here: https://www.unicc.org/working-with-icc/information-security-administrato...