Grade: P4
Vacancy no.: RAPS/6/2023/INFOTEC/01
Publication date: 24th November 2023
Application deadline (midnight Geneva time): 4th January 2024
Job ID: 11441
Department: INFOTEC
Organization Unit: TMS
Location: Geneva
Contract type: Fixed Term
The following are eligible to apply:
Staff members with at least five years of continuous service with the Office are encouraged to apply.
Applications from candidates who have already separated from ILO service upon retirement or early retirement, will not be considered.
The ILO values diversity among its staff and welcomes applications from qualified female candidates. We also encourage applicants with disabilities. If you are unable to complete our online application form due to a disability, please send an email to ilojobs@ilo.org.
The ILO welcomes applicants with experience in working within ILO constituents (governments, employers’ and business membership organizations, and workers’ organizations).
Applicants from non- or under-represented member States, or from those member States which staffing forecasts indicate will become non- or under-represented in the near future would be particularly welcome. A list of these countries can be found here: ILO Jobs: Non- and under-represented Member States
In addition to the interviews and tests that any candidate may be required to take, successful completion of the ILO Assessment Centre is required for all external candidates and any internal candidate applying to a higher category.
Notwithstanding the general considerations set out in the ILO Staff Regulations, this vacancy announcement is the only authoritative document pertaining to the qualifications required for this position. The minimum required qualifications were determined in view of the specific duties and responsibilities of this position.
The specific language requirements for this position are detailed hereunder. However, candidates applying for the professional category vacancies who have not already successfully completed their probationary period within the ILO and whose mother tongue is not one of the working languages of the Office (English, French and Spanish), shall be required to possess a fully satisfactory working knowledge of at least one of the ILO working languages. If appointed they may be required to acquire a knowledge of a second working language of the Office during their initial years of service.
The position is located in the Technology Management Services (TMS) Branch within the Information and Technology Management Department (INFOTEC). INFOTEC provides modern, secure, and reliable IT infrastructure, technologies, applications and services to enable the ILO to effectively use technology to perform its mission.
The position is responsible for all operational aspects of information security across the organisation. This includes day to day information security events monitoring, incident management, threat hunting, threat intelligence and vulnerability management. Additionally, the position is responsible for designing, implementing, and maintaining the security platform and tools supporting operational activities.
The incumbent will be a hands-on information security professional leading a small team of information technology specialists and overseeing the work of service providers. The position reports to the Branch Chief, TMS.
1. Oversee information security operations, including Security Operations Centre (SOC) and Identity and Access Management (IAM). Ensure events are assessed, categorized, triaged, and escalated according to established classification and procedures.
2. Coordinate the definition and documentation of operating processes in line with governance and regulation rules in place. Ensure standard procedures are communicated to the relevant staff members and contractors, monitor adherence to defined processes.
3. Lead cyber security incidents resolution and coordinate incident response activities across different teams including threat hunting. Produce incident reports, forensic analysis and suggest improvement plans.
4. Design, build, automate, maintain, and document a coherent and cost-effective information security ecosystem. This primarily includes Security Information and Event Management (SIEM), Security Orchestration, Automation and Response (SOAR), Endpoint Detection and Response (EDR), Network Detection and Response (NDR), intrusion detection and vulnerability discovery.
5. Build big data analysis and reporting capabilities to collect, and analyse logs, metrics, and events from multiple sources. Supervise the creation of alerts and reports to identify potential risks and compliance breaches.
6. Provide information security expertise to ILO departments and field offices, advise projects on security standards and best practices. Contribute to the elaboration of guideline and standards in collaboration with other INFOTEC units.
7. Proactively assess the teams’ capacity to respond to cyber security incidents and emergency situations. Organise tabletop exercises, simulations and dry runs to improve resilience to attacks.
8. Routinely monitor and evaluate the global threat landscape, identify potential risks applicable to the ILO, suggest mitigations measures, develop analytics and alerting capacity when applicable.
9. Oversee the identification and remediation of vulnerabilities on new and existing products, develop remediation plans with business owners, review compliance reports.
10. Assume line management responsibilities for staff and contractors, including work planning and monitoring implementation of work, adjusting priorities as needed, hiring, performance management, and staff development and training.
11. Manage the relationship with key suppliers, monitor the performance of outsourced contracts, engage in procurement and contractual activities as required. Closely monitor technology developments, identify opportunities and make recommendations on future evolutions.
12. Perform other relevant duties as assigned.
These specific duties are aligned with the relevant ILO generic job description, which includes the following generic duties:
Advanced university degree (Master’s or equivalent) in computer science or other closely related field. A first-level university degree (Bachelor’s or equivalent) in computer science or other closely related field plus 2 years of relevant experience in addition to the experience requested below may be accepted in lieu of an advanced university degree. Certified Information System Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent professional certification is also required.
At least seven years of professional experience in the IT field, of which at least three years working as an information security specialist in a large multi sites and international environment. A minimum of two years of experience as a team leader is also required.
Excellent command of two working languages (English, French, Spanish) of the Organization.
In addition to the ILO core competencies, this position requires:
Technical
- Expert knowledge of the Microsoft security stack, including Sentinel, Defender for Endpoints, Servers and Identity.
- Expert knowledge of threat hunting techniques and incident management coordination
- Intimate knowledge of web and security protocols (eg. TCP/IP, HTTP/S, TLS), encryption and cryptography.
- Familiar with data classification and protection concepts
- Ability to multi-task, manage different projects in parallel and coordinate across boundaries.
- Ability to communicate effectively with technical and non-technical people at different levels or the organisation.
- Ability to write clear documentation, business cases and terms of reference.
Advanced knowledge of the following as applicable:
Up-to-date knowledge of technological advancements, technical specifications and operating procedures in the area of work. Advanced knowledge of the organization’s computing environment. Ability to analyse complex user requirements and incorporate them into new and existing systems. Ability to analyse and evaluate the technical work carried out by subordinate staff. Ability to plan and organize work. Ability to solve complex technical problems. Ability to communicate effectively both orally and in writing. Ability to provide expert advice on IT systems. Ability to provide user support and give presentations and training. Ability to produce documentation and reports. Ability to work on own initiative as well as a member of a team.
Behavioural-
- Ability to work effectively during crisis situations, implying a potentially tense environment
- Ability to adjust to change of priority, sometimes on short notice.
- Ability to work in a multicultural environment and to demonstrate gender-sensitive and non-discriminatory behaviour and attitudes.
Conditions of employment
For more information on conditions of employment, please visit the ILO Jobs International Recruitment page.
Important Information
Any officials of the General Service category interested in applying to this position are hereby informed that, if selected, they will be offered the salary and allowances applicable to the grade of the position applied for, which may result in substantial changes in their take-home remuneration. In accordance with Article 3.4 of the Staff Regulations, the salary of an official, upon promotion, shall in no case be greater than the maximum salary of the grade to which he or she was promoted. For any questions or clarifications, please contact your HR partner at hrpartner@ilo.org
Recruitment process
Please note that all candidates must complete an on-line application form. To apply, please visit the ILO Jobs website. The system provides instructions for online application procedures.
Evaluation (which may include one or several written tests and a pre-interview competency-based assessment centre) and the interviews will tentatively take place during the 3 to 4 months following the application deadline. Candidates are requested to ensure their availability should they be short listed for further consideration.
Depending on the location and availability of candidates, assessors and interview panel members, the ILO may use communication technologies such as Skype, Video or teleconference, e-mail, etc. for the assessment and evaluation of candidates at the different stages of the recruitment process, including assessment centres, technical tests or interviews.
The ILO has zero tolerance for acts of sexual exploitation and abuse (SEA) and is determined to ensure that all staff members and all beneficiaries of ILO assistance do not suffer, directly or indirectly, from sexual exploitation and abuse.
To ensure that individuals with a substantiated history of SEA, sexual harassment or other types of abusive conduct are not hired by the Organisation, the ILO may conduct a background verification of candidates under consideration.
Fraud warning
The ILO does not charge any fee at any stage of the recruitment process whether at the application, interview, processing or training stage. Messages originating from a non ILO e-mail account - @ilo.org - should be disregarded. In addition, the ILO does not require or need to know any information relating to the bank account details of applicants.