ICT Associate - ICT Security
Job description
The Vulnerability Management Team performs security assessments of websites, applications and infrastructure components in various hosting/operating environments including enterprise data centres, and cloud environments. The team provides tools, training and guidance to other stakeholders globally to enable performance of infrastructure security assessments in their environments and timely detection of security issues requiring attention.
The ICT Associate - ICT Security contributes to delivering a threat and incident management program that will improve threat detection and the implementation of timely and adequate responses to security incidents in globally distributed operational ICT environments faced with heightened threat and an increased volume and level of sophistication of targeted cyberattacks.
The incumbent of this position will be a staff member of UNOPS under its full responsibility.
**** THIS IS A LOCAL POSITION FOR WHICH ONLY APPLICANTS WHO ARE SPANISH OR EUROPEAN UNION CITIZENS OR APPLICANTS WHO POSSESS A VALID RESIDENCE AND WORK PERMIT IN SPAIN ARE ELIGIBLE FOR CONSIDERATION****
About the Region
The UNOPS Global Portfolios Office (GPO) brings together diverse expertise to help partners deliver impact worldwide. With hubs in New York, Geneva, and Vienna, and expert teams operating globally, GPO leads multi-regional initiatives that advance sustainable development, climate action, and peacebuilding - including in some of the world's most challenging environments. By leveraging our collective expertise and global networks, GPO supports UNOPS' strategic priorities and the Sustainable Development Goals across more than 130 countries. We work closely with major global partners - including governments, international financial institutions, and UN agencies - to deliver a wide range of services, such as project management, fund management, hosting services, and HR support.
About the Country/Multi-Country Office
Not Required - part of GPO/NYPO
Job Specific Context
UNOPS has signed an agreement with OICT to support the delivery of a threat and incident management capacity and capabilities that will improve threat detection and the implementation of timely and adequate responses to security incidents in globally distributed operational ICT environments faced with heightened threat and an increased volume and level of sophistication of targeted cyberattacks.
Role Purpose
Under the overall supervision of the UNOPS Senior Programme Manager, this position is in the United Nations Information and Communications Technology Facility (UNICTF) in Valencia, Spain. The incumbent will work under the guidance of the Chief of ICT Security Service (ISS) and the direct supervision of the ICT Senior Manager - ICT Security.
Functions / Key Results Expected
The ICT Associate contributes to delivering a threat and incident management program that will improve threat detection and implementation of timely and adequate responses to security incidents to globally distributed operational ICT environments faced with heightened threat and increased volume and level of sophistication of targeted cyberattacks.
With the delegated authority, the ICT Associate's key functions are:
- Monitoring and Reporting
- Incident Response
- Knowledge Management
Details of Duties:
Monitoring and Reporting:
Conducts continuous monitoring and revision of security events.
Analyzes alerts and correlates events from multiple data sources and tools.
Supports and actively contributes to threat hunting campaigns proactively searching for anomalies and evidence of compromise across the Secretariat.
Develops and fine-tunes detection rules, aligning use cases with the business and organizational requirements.
Develops and implements advanced detection and mitigation strategies against persistent threats and threat actors.
Incident Response:
Supports and contributes to the Secretariat's global incident response team.
Responds to information security incidents and assists during the entire lifecycle of the incidents. Analyses root causes of security incidents and proposes preventive controls and mitigations.
Supports the escalation, response, and remediation efforts, liaising with local IT focal points and operational teams to ensure timely resolution of security incidents and implementation of the required countermeasures.
Performs digital forensic analyses and assists with authorized technical analysis efforts through close collaboration with internal business units and external partners.
Develops and improves incident response playbooks, processes, and procedures.
Participates in a rotating on-call schedule to support the organization's 24x7 incident response efforts.
Knowledge Management:
Supports the cyberthreat intelligence program through the collection, correlation and analysis of events and threat information from various sources to identify artefacts and patterns of suspicious activities, and methods used by adversaries.
Supports the identification, analysis, evaluation, and mitigation of risks to information technology, communications, and data systems in collaboration with stakeholders.
Maintains confidentiality, integrity, and discreet handling of sensitive information in compliance with the UN data privacy, security requirements, and standards.
Tracks and monitors threat actors relevant to the organization.
Researches and evaluates innovative and effective information security technology solutions, their configuration and integration into the organization's existing ICT landscape.
Maintains internal security tools and related infrastructure.
Develops and improves internal tools, integrations, and automation of processes.
Contributes to the formulation of the policy and other supporting documents including procedures and guidelines.
Performs other duties as assigned.
Requirements
Application Security, Automation, Digital Forensics, Security Audits, Cybersecurity, Cybersecurity Assessment, Cybersecurity Audit, Cybersecurity Risk Assessment
Competencies
Treats all individuals with respect; responds sensitively to differences and encourages others to do the same. Upholds organisational and ethical norms. Maintains high standards of trustworthiness. Role model for diversity and inclusion.
Acts as a positive role model contributing to the team spirit. Collaborates and supports the development of others. For people managers only: Acts as positive leadership role model, motivates, directs and inspires others to succeed, utilizing appropriate leadership styles.
Demonstrates understanding of the impact of own role on all partners and always puts the end beneficiary first. Builds and maintains strong external relationships and is a competent partner for others (if relevant to the role).
Efficiently establishes an appropriate course of action for self and/or others to accomplish a goal. Actions lead to total task accomplishment through concern for quality in all areas. Sees opportunities and takes the initiative to act on them. Understands that responsible use of resources maximizes our impact on our beneficiaries.
Open to change and flexible in a fast paced environment. Effectively adapts own approach to suit changing circumstances or requirements. Reflects on experiences and modifies own behavior. Performance is consistent, even under pressure. Always pursues continuous improvements.
Evaluates data and courses of action to reach logical, pragmatic decisions. Takes an unbiased, rational approach with calculated risks. Applies innovation and creativity to problem-solving.
Expresses ideas or facts in a clear, concise and open manner. Communication indicates a consideration for the feelings and needs of others. Actively listens and proactively shares knowledge. Handles conflict effectively, by overcoming differences of opinion and finding common ground.
Education Requirements
Required
Secondary school (or equivalent) with 6 years of relevant experience OR
Bachelor's degree (or equivalent) preferably in computer science, information systems, information security or related field with 2 years of relevant experience is required.
Desired
Certifications in Information Security (such as certifications issued by organizations including ISC2, GIAC, ISACA, and Offensive Security) are an advantage.
Experience Requirements
Required
- Relevant experience is defined as experience working in information security and/or incident response and threat management.
Desired
- Experience as a Security Operations Center (SOC) analyst and/or demonstrable knowledge in Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR) and Identity Management products and technologies (e.g. Sentinel, Defender, Entra ID).
- Experience in Cyberthreat Intelligence, Incident Response and Threat Hunting.
- Experience in general-purpose scripting languages (e.g. Python, Bash, PowerShell, etc.).
Language Requirements
Language: Proficiency Level (Requirement)
- English: Fluent (Required)
- Spanish: Fluent (Desirable)