Cyber Security Engineer at International Committee of the Red Cross (ICRC)

As Cyber Security Engineer, you will play a key role tosupport the mission of managing the security of the ICRC information systems in AFRICA Region, according to institutional expectations and work closely with other cybersecurity experts and diverse teams of IT professionals worldwide. In addition, contribute to the overall delivery of the institutional cyber security strategy with knowledge, experience, technical expertise and situational awareness over the broad range of the cyber security domains.

We look forward to hearing from you to help support our humanitarian action worldwide.

Tasks and responsibilities

• Support the Security Operation Center coordinator and CISO function in the delivery of the overall ICRC cyber security strategy.

Cyber security incident response:

• Provide cyber security incident handling assistance to ICRC constituents and support teams
• Disseminate incident-related information to constituents and concerned parties via the given process, tooling and communication channels
• Appropriately preserve evidence from impacted computing environments
• Ensure containment, eradication and recovery tasks are appropriately performed
• Escalate unresolved, persistent or repetitive cases to SOC Coordinator

Vulnerabilities management:

• Support operation of the global vulnerability management process
• Coordinate remediation activities
• Validate and verify remediation activities
• Escalate unresolved, persistent or repetitive vulnerabilities to SOC Coordinator
• Technical support for security local/regional projects, Feasibility Studies, Out of Catalog requests and other similar initiatives.
• On Demand security assessment in delegations.
• Local support during forensic activities.
• Point of contact for security questions at the regional level.
• Contribution to user awareness (communities/newsletter, cyber security events, etc.).
• Security dashboard follow-up and reporting.
• Enforcement (compliance with ICT security policies).

Minimum Requirements and competencies

• A University degree in Computer Science, Engineering or related field (with major in security is an asset),
• Minimum 4 years of relevant professional experience related to enterprise IT security operations,
• Certification relevant to computer network defence such as SANS GIAC, CEH, Security+ and/or Offensive Security is an asset;
• Ability to manage workflows within dedicated case management and common service management tooling.
• Working knowledge with common desktop,server and mobile OS, container technology, databases and network administration/management.
• Working knowledge of OSI network stack including major IPv4/IPv6 protocols using TCP/UDP including SMTP, HTTP, DNS, SNMP, LDAP etc.
• Familiarity with core FOSS tools (e.g.: tcpdump, Wireshark) is an asset.
• Basic knowledge of core crypto solutions including AES, RSA, DH, SHA, Kerberos, NTLMv2, TLS, OpenSSL.
• Basic knowledge of enterprise security architecture and engineering, security frameworks (NIST, ISO, ENISA, etc.) and digital forensics.
• Solid sense of integrity, limits and understanding of the overall SOC organisation and wider mission.
• Ability to work in English (written and spoken). French and/or Spanish is an asset.
• Experience in technical security assessment