The ICT Officer (Cloud SecOps Engineer) will lead own and evolve the cloud security architecture and operations for IOM. The role ensures the security, integrity, and compliance of IOM’s cloud infrastructure (primarily Azure, with multi-cloud awareness). This role focuses on threat detection, incident response, security automation, and hardening of cloud environments supporting IOM global offices. Under the overall supervision of the Chief Technology Officer and the direct supervision of Senior ICT Officer (Cloud Services), the ICT Officer (Cloud SecOps Engineer) will be responsible for the cloud infrastructure operations.
Responsibilities:
Implement 24/7 monitoring using Microsoft Sentinel, Defender for Cloud, and Azure Monitor.
Implement, monitor, and maintain data loss prevention (DLP) strategies and controls across cloud environments to safeguard sensitive data against unauthorized access, leakage, and exfiltration.
Investigate AND remediate security incidents (breaches, malware, DDoS) with root-cause analysis.
Define incident detection and incident management workflows and playbooks for cloud environments and collaborate with CSIRT teams.
In coordination with the Identity and Access management team, enforce Zero Trust via Azure AD Conditional Access, PIM, and RBAC.
Audit service principals, role assignments, and privileged access.
Ensure compliance with relevant security regulations and standards such as GDPR, ISO 27001, NIST, CIS Benchmarks in cloud environments and attain baseline with Azure Security Benchmark.
Conduct vulnerability scans (Defender for Cloud, Tenable) and patch management.
Automate compliance checks using Azure Policy and Blueprints.
Implement security checks into CI/CD pipelines, ensuring compliance with industry standards.Work with other teams (e.g., cloud operations, development, information security) to implement and maintain cloud security.
Train teams on cloud security best practices.
Coordinate with infosec to ensure completeness of security policies, procedures, and incident reports.
Provide technical expertise and guidance to team members on cloud and SecOps practices.
Collaborate on optimizing cloud spending and implementing cost-saving measures.
Education:
Master’s degree in Cybersecurity, Computer Engineering, Computer Science, or a related field from an accredited academic institution with five years of relevant professional experience.
University degree in the above fields with seven years of relevant professional experience.
Work Experience:
A minimum of 5 years of experience in Cloud SecOps engineering.
Strong and hands-on experience with Azure services especially Microsoft Sentinel, Defender for Cloud, Key Vault, Azure Firewall.
Proven experience managing cloud infrastructure in AWS and Azure environments through automation. Having GCP experience is a plus.
Expertise in Infrastructure-as-Code tools (Terraform, CloudFormation, or Ansible).
Hands-on experience with CI/CD tools like Jenkins, GitHub Actions, and Azure DevOps.
Proficiency in scripting and programming languages (e.g., Python, Bash, or PowerShell).
Strong knowledge of containerization technologies like Docker and orchestration platforms such as Kubernetes.
Familiarity with monitoring tools (e.g., LogicMonitor, Prometheus, or CloudWatch).
Solid understanding of security best practices, including access management and vulnerability mitigation.
Effective problem-solving skills and the ability to work in a collaborative, team-oriented environment.
Languages:
IOM’s official languages are English, French, and Spanish. All staff members are required to be fluent in one of the three languages.
For this position, fluency in English is required (oral and written). Working knowledge of an official UN language (Arabic, Chinese, French, Russian, and Spanish) is an advantage.
Proficiency of language(s) required will be specifically evaluated during the selection process, which may include written and/or oral assessments.
