Information Security Operations

International Labour Organization

Geneva, Switzerland

Experience: 5 to 10 Years

Skill Required: IT and ICT

The specific language requirements for this position are detailed hereunder. However, candidates applying for the professional category vacancies who have not already successfully completed their probationary period within the ILO and whose mother tongue is not one of the working languages of the Office (English, French and Spanish), shall be required to possess a fully satisfactory working knowledge of at least one of the ILO working languages. If appointed they may be required to acquire a knowledge of a second working language of the Office during their initial years of service.
Introduction:
  • The position is located in the Technology Management Services (TMS) Branch within the Information and Technology Management Department (INFOTEC). INFOTEC provides modern, secure, and reliable IT infrastructure, technologies, applications and services to enable the ILO to effectively use technology to perform its mission.
  • The position is responsible for all operational aspects of information security across the organisation. This includes day-to-day information security event monitoring, incident management, threat hunting, threat intelligence and vulnerability management. Additionally, the position is responsible for designing, implementing, and maintaining the security platform and tools supporting operational activities.
  • The incumbent will be a hands-on information security professional leading a small team of information technology specialists and overseeing the work of service providers. The position reports to the Branch Chief, TMS. 
Specific Duties:
  • Oversee information security operations, including Security Operations Centre (SOC) and Identity and Access Management (IAM). Ensure events are assessed, categorized, triaged, and escalated according to established classification and procedures.
  • Coordinate the definition and documentation of operating processes in line with the governance and regulation rules in place. Ensure standard procedures are communicated to the relevant staff members and contractors, and monitor adherence to defined processes.
  • Lead cyber security incident resolution and coordinate incident response activities across different teams, including threat hunting. Produce incident reports and forensic analysis, and suggest improvement plans.
  • Design, build, automate, maintain, and document a coherent and cost-effective information security ecosystem. This primarily includes Security Information and Event Management (SIEM), Security Orchestration, Automation and Response (SOAR), Endpoint Detection and Response (EDR), Network Detection and Response (NDR), intrusion detection and vulnerability discovery.
  • Build big data analysis and reporting capabilities to collect and analyse logs, metrics, and events from multiple sources. Supervise the creation of alerts and reports to identify potential risks and compliance breaches.
  • Provide information security expertise to ILO departments and field offices, and advise projects on security standards and best practices. Contribute to the elaboration of guidelines and standards in collaboration with other INFOTEC units.
  • Proactively assess the teams’ capacity to respond to cyber security incidents and emergency situations. Organise tabletop exercises, simulations and dry runs to improve resilience to attacks.
  • Routinely monitor and evaluate the global threat landscape, identify potential risks applicable to the ILO, suggest mitigation measures, and develop analytics and alerting capacity when applicable.
  • Oversee the identification and remediation of vulnerabilities on new and existing products, develop remediation plans with business owners, review compliance reports.
  • Assume line management responsibilities for staff and contractors, including work planning and monitoring implementation of work, adjusting priorities as needed, hiring, performance management, and staff development and training.
  • Manage the relationship with key suppliers, monitor the performance of outsourced contracts, engage in procurement and contractual activities as required. Closely monitor technology developments, identify opportunities and make recommendations on future evolutions.
  • Perform other relevant duties as assigned.
These specific duties are aligned with the relevant ILO generic job description, which includes the following generic duties:
Generic Duties:
  • Develop, install and maintain complex systems for various types of computers and applications used in the organization.  
  • Identify the need for new systems, and translate user needs into systems and applications that can be integrated with existing systems. Install and maintain purchased hardware and software.
  • Design, programme and maintain software to be used in-house. Undertake systems analysis, and prepare design specifications for programming.
  • Make recommendations on hardware and software requirements and on their purchase. Provide expertise and leadership on technological changes for the organization.
  • Create, monitor and document systems environment and standards that analysts, programmers, operators and users will use.
  • Allocate computer resources to users. Design and ensure the installation and usability of custom software.
  • Implement new systems software and required modifications in an optimal manner, particularly without adverse effects on current production and testing and minimal impact on development activities.
  • Provide training to staff on new computer software programmes.
Required qualifications:
Education:
  • Advanced university degree (Master’s or equivalent) in computer science or other closely related field. A first-level university degree (Bachelor’s or equivalent) in computer science or other closely related field plus 2 years of relevant experience in addition to the experience requested below may be accepted in lieu of an advanced university degree. Certified Information System Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent professional certification is also required. 
Experience:
  • At least seven years of professional experience in the IT field, of which at least three years working as an information security specialist in a large multi-site and international environment. A minimum of two years of experience as a team leader is also required.
Languages:
  • Excellent command of two working languages (English, French, Spanish) of the Organization.