Cybersecurity Specialist – Threat Detection & Incident Response - Cst1

DEADLINE FOR APPLICATIONS1 October 2024-23:59-GMT+01:00 Central European Time (Rome)
WFP celebrates and embraces diversity. It is committed to the principle of equal employment opportunity for all its employees and encourages qualified candidates to apply irrespective of race, colour, national origin, ethnic or social background, genetic information, gender, gender identity and/or expression, sexual orientation, religion or belief, HIV status or disability. ABOUT WFPThe World Food Programme is the world's largest humanitarian organization saving lives in emergencies and using food assistance to build a pathway to peace, stability and prosperity, for people recovering from conflict, disasters and the impact of climate change.
At WFP, people are at the heart of everything we do and the vision of the future WFP workforce is one of diverse, committed, skilled, and high performing teams, selected on merit, operating in a healthy and inclusive work environment, living WFP's values (Integrity, Collaboration, Commitment, Humanity, and Inclusion) and working with partners to save and change the lives of those WFP serves.
To learn more about WFP, visit our website: https://www.wfp.org WHY JOIN WFP?WFP is a 2020 Nobel Peace Prize Laureate.WFP offers a highly inclusive, diverse, and multicultural working environment.WFP invests in the personal & professional development of its employees through a range of training, accreditation, coaching, mentorship, and other programs as well as through internal mobility opportunities.A career path in WFP provides an exciting opportunity to work across the various country, regional and global offices around the world, and with passionate colleagues who work tirelessly to ensure that effective humanitarian assistance reaches millions of people across the globe.We offer an attractive compensation package (please refer to the Terms and Conditions section of this vacancy announcement). BACKGROUND AND PURPOSE OF THE ASSIGNMENT:Under the general supervision of the Chief TECI and the direct supervision of the Head of Cybersecurity Operations, the incumbent will assist the team with day-to-day cyber security operational efforts, focusing on detection engineering, analytics, incident response, and threat hunting. The incumbent shall provide support to the TECI's corresponding teams in carrying out activities related to monitoring for and investigating potential cyber incidents within the WFP infrastructure. The incumbent shall also be engaged in various additional aspects of the cyber-security threats analytical activities on operational level.
ACCOUNTABILITIES/RESPONSIBILITIES:Main responsibilities include, but are not limited to:
Monitor WFP environment for potential cyber incidents using cutting-edge tools and advanced telemetry, including but not limited to Microsoft security consoles, Incident Response (IR) platforms, and Threat Intel sources.Take charge of Tier 2/3 investigation and deep-dive analysis for potential cyber incidents as identified by WFP security telemetry using a suite of available tools to analyze data, uncover threats, and respond swiftly to mitigate risks.Implement detection engineering principles to develop and refine detection rules and analytics, and also leverage threat hunting techniques to better and proactively identify and neutralize threats in WFP's environment.Lead data quality efforts to ensure timely and consistent access to data sources that offer clean, structured and standardized telemetry to be consumed by cybersecurity team.Provide assistance to vulnerability management/network security teams to enhance defense mechanisms and, as necessary, provide expert consulting to the business on cybersecurity best practices and risk mitigation strategies.Identify and evaluate cutting-edge tools and/or services that enhance incident detection and response capabilities, including automations and data enrichments to streamline response and advance detection strategies.Research and assist to onboard new cybersecurity technologies and processes that enhance and support the TECI operational functions, and in compliance with existing policies and principles.Support tickets routed to TECI, and perform other cybersecurity related duties, as assigned.DELIVERABLES AT THE END OF THE CONTRACT:Daily monitoring for other potential threats and engage in proactive threat-hunting activities, ensuring coordination with local IT personnel to provide clear action plans for remediation when necessary.Represent TECI with Change Management on RFC proposals related to Active Directory, IAM, Endpoint, Cloud and Identity security activities, ensuring all changes align with cybersecurity best practices.Support analysis of suspicious emails, malware, or other suspicious activities, collaborating with relevant teams on remediation actions based on threat vectors.Implement automation, enrichment and detection engineering processes to optimize the TECI cybersecurity operations workflow, identification of threats, and overall capabilities.Utilize threat intelligence to inform security strategies and enhance detection capabilities, and liaise with other relevant teams to troubleshoot and document issues, and incorporate intelligence insights into better hunting and detection.Actively participate in cybersecurity-security related projects to improve WFP's security posture against evolving threats.QUALIFICATIONS & EXPERIENCE REQUIRED:Education: University degree in cybersecurity, computer science/engineering, or an equivalent discipline.
Experience: 3 or more years of incremental experience in the areas of cybersecurity operations (incident response, threat hunting, endpoint security, malware analysis or security tools administration)
Knowledge & Skills: Good understanding of common malware activity on endpointsKnowledge of MITRE ATT&CK framework and known APT groups activityCybersecurity operations, incident response, and threat analysis & hunting.Scripting: Programming skills in Python or PowerShell is considered a plus;Experience with cloud providers such as AWS, Azure, and GCP is an asset.Security certifications are considered an asset.WFP LEADERSHIP FRAMEWORKWFP Leadership Framework guides to the common standards of behavior that guide HOW we work together to accomplish our mission.
REASONABLE ACCOMMODATIONWFP is dedicated to fostering diversity, equity, and inclusion. Our recruitment process is inclusively crafted to welcome candidates of all backgrounds, celebrating diversity and ensuring a respectful environment for all. We aim for an accessible and fair recruitment journey. Should you need any reasonable accommodations or have accessibility concerns, please reach out to us confidentially at ******. Our DEI team is here to ensure your full participation in our recruitment process.
NO FEE DISCLAIMERThe United Nations does not charge any application, processing, training, interviewing, testing or other fee in connection with the application or recruitment process. Should you receive a solicitation for the payment of a fee, please disregard it. Furthermore, please note that emblems, logos, names and addresses are easily copied and reproduced. Therefore, you are advised to apply particular care when submitting personal information on the web.
REMINDERS BEFORE YOU SUBMIT YOUR APPLICATIONWe strongly recommend that your profile is accurate, complete, and includes your employment records, academic qualifications, language skills and UN Grade (if applicable).Once your profile is completed, please apply, and submit your application.Please make sure you upload your professional CV in the English languageKindly note the only documents you will need to submit at this time are your CV and Cover LetterAdditional documents such as passport, recommendation letters, academic certificates, etc. may potentially be requested at a future timePlease contact us at ****** in case you face any challenges with submitting your applicationOnly shortlisted candidates will be notifiedAll employment decisions are made on the basis of organizational needs, job requirements, merit, and individual qualifications. WFP is committed to providing an inclusive work environment free of sexual exploitation and abuse, all forms of discrimination, any kind of harassment, sexual harassment, and abuse of authority. Therefore, all selected candidates will undergo rigorous reference and background checks. No appointment under any kind of contract will be offered to members of the UN Advisory Committee on Administrative and Budgetary Questions (ACABQ), International Civil Service Commission (ICSC), FAO Finance Committee, WFP External Auditor, WFP Audit Committee, Joint Inspection Unit (JIU) and other similar bodies within the United Nations system with oversight responsibilities over WFP, both during their service and within three years of ceasing that service.


#J-18808-Ljbffr