ICT SECURITY EXPERT
Geneva
- Organization: ICRC - International Committee of the Red Cross
- Location: Geneva
- Grade: Mid/Senior level - Mid/Senior - Internationally recruited position
-
Occupational Groups:
- Communication and Public Information
- Security and Safety
- Information Management
- Information Technologies
- Closing Date: Closed
Purpose of the post
The ICT Security Expert provides the technical security view to the ICT Security Officer in its mission of managing security of the ICRC information systems at the appropriate level. It includes:
- Delivering expertise in architecture design for improving protection mechanisms of the information systems
- Supplying relevant information to understand security trends and give tracks for enhancements
- Supporting ICT teams during exceptional security incidents
Main duties and responsibilities
- Manage & operate security tools to ensure that information systems are protected at the appropriate and expected security levels (i.e., vulnerabilities assessments)
- Identify security alerts and new threats, analyze their consequences and impacts, inform concerned parties and make sure they are handled in an proper way
- Establish and lead security activities related to critical incidents, in emergency situations, for the Geneva HQ as well as the field
- Actively contribute in improving detection of and response to information security-related events or incidents
- Monitor technical compliance with ICT security policies, procedures and standards
- Provide support to ICT sectors for technical implementation of security policies and all their related security controls
- Fully participate into new projects (applications, IT infrastructure, etc.), from the very beginning (typically the architecture design phase) to ensure that all the required security components are implemented to protect adequately the information systems
- Facilitate collaboration with other technical security resources (i.e., ICT platform responsible, consultants, external providers)
- Be the focal point for technical advices regarding security subjects coming from ICT Field engineers
- Continuously provide selected data to the ICT Security Officer for establishing security dashboard
- Do security training to ICT staff on technical subjects (i.e., OWASP, authentication methods, debugging tools)
- Be the ICT Security Officer’s backup in case of absence
Education and experience required
- At least 5 years of relevant professional experience
- Relevant experience in an international and multicultural environment
- A University degree in Computer Science, Engineering or related field
- Graduate specialization in security or networking, or equivalent experience
- Security certifications such as CISSP, GIAC, CompTIA Security+ or CEH
Desired profile and skills
- Able to work in both French and English (speaking and writing)
- Knowledge of information security standards, frameworks and best practices (ISO 27001, NIST, SANS)
- Analytical minded with a systematic approach, able to respond quickly to changing circumstances, challenge requests, value different perspectives and ideas
- Excellent communication, interpersonal and conceptual thinking skills
- Focuses on results and desired outcomes and how best to achieve them
- Adheres to a strong set of moral, ethical and professional principles which shows soundness of personal character, honesty and truthfulness
- In-depth knowledge of enterprise LAN / WAN & VPN technologies, common network protocols (DNS, HTTP/S, SMTP, SNMP, LDAP, NetBIOS, RTPS, Syslog, etc.) and components (routers, firewalls, Reverse Proxy, WAF, IDS/IPS, security gateways, etc.)
- Comprehensive knowledge of common authentication and authorisation mechanisms (LDAP, NTLM, Kerberos, ADFS), encryption and digital certificates implementation
- Excellent command of Microsoft OS (servers & workstations) and PowerShell scripting
- Thorough knowledge with monitoring, infosec assessment, forensics and pentest security toolset (i,e, QualysGuard, Metasploit, Burp, Wireshark, SIEM solution, etc.)
- Expertise in security architecture design and system hardening
- Basic programming and reverse engineering skills
Additional information
Type of role: Resident
Type of contract: Open-ended
Working rate: 100%
Starting date: ASAP
Application deadline: 25 June 2017
This vacancy is now closed.
However, we have found similar vacancies for you:
However, we have found similar vacancies for you:
REGIONAL DIGITAL OFFICER
Mid/Senior level - Mid/Senior
ICRC - International Committee of the Red Cross
Closing tomorrow
Kenya