Job Purpose

The position holder specializes in the IT security operation, focusing on providing timely, cost-effective services to ensure confidentiality, integrity, and availability targets are met, meeting and exceeding requirements to support critical business applications and end-user services.

The job purpose is to:

  • Deliver and maintain high-quality IT security operations on server/data center infrastructure environments;
  • Act as subject matter expert in the area of security operations technology and management – using the WinTel platform;
  • Act as a focal point and manage security incidents as a professional subject matter expert within the scope of security operation services;
  • Preserve information confidentiality, integrity, and availability through strong security operational competencies;
  • Set operational procedures, endorse their development in alignment with security operations activities requirements, maintain them up to date, and provide structured operation recommendations to the various IFRC stakeholders and end-users.

Job Duties and Responsibilities

General duties

  • Ensure service security while respecting operating methods defined within the DITD.
  • Manage security operations tools (monitoring and management) to ensure secure server operation and related infrastructure and underlying services for the various business applications and end-user services.
  • Maintain the operational knowledge base in the service management tool; record incidents; provide quality resolution.
  • Establish, update, and manage the operational processes jointly with the team leaders and the Manager – IS Services to guarantee operational level agreements (OLA).
  • Support the IT project managers during the project life cycle and manage related projects if required.
  • Identify, review, and participate in developing IT training solutions to deliver appropriate, cost-effective training on IT topics for users while promoting on-line training opportunities.
  • Contribute actively to the overall satisfaction level of IFRC end-users while developing and promoting effective working relationships within the ITD, the wider IFRC, and the RCRC Movement, including ICRC.
  • Manage personal knowledge and continuously update your skillset on various systems and applications used at IFRC.
  • Adhere to the staff regulations of the IFRC Budapest Global Service Centre and the IT security rules at all times.
  • Communicate effectively with the various IFRC stakeholders within the IT sector, share knowledge, and act as a subject matter expert.

Security Operations

  • Adhere to and support the implementation and continuous improvement of the applicable Security Operational, ITIL, and Project Management processes and methodologies.
  • Participate in the design and implementation of security incident response plans, methods, and processes.
  • Detect and investigate threats and provide a timely and risk-aware response according to the appropriate incident response plans and operational considerations.
  • Investigate suspicious and potentially malicious activities using the available monitoring and diagnostic tools, forensic techniques, reverse engineering, and log analytics. Perform event correlation, as necessary, between the various cloud and on-premises systems and networks to hunt and track down potential IOCs by analyzing patterns in the characteristics of known attack and threat vectors. Transform seemingly unrelated data points into coherent, actionable intelligence; propose and document appropriate proactive actions to prevent the recurrence of similar incidents.

Job Duties & Responsibilities 2

  • Implement and monitor required security measures following risk-based priorities to protect the IFRC's information systems.
  • Develop and propagate the use of relevant standard operational procedures, work instructions, and manuals with regards to the installation, configuration, operational maintenance, security compliance, and appropriate use of systems, networks, and services under the responsibility of the Infrastructure support unit.
  • Provide 2nd and 3rd level operational support for the global networks, network security systems, servers, and other infrastructure components in the unit's scope. Participate in the development and UAT testing of change implementation procedures to conduct regular and on-demand maintenance in operational environments, ensuring that the performance predictability, availability, and overall compliance of information systems are within the defined SLA/OLA/Compliance thresholds.
  • Contribute to the design, implementation, and technological up-to-dateness of security baselines for the various server systems, networks, cloud platforms (SaaS, IaaS, PaaS), business applications, identity management, and security products and services.
  • Support administrative duties related to administrative regulations, policies, processes, procedures, systems, reports, surveys, and forms.
  • Participate in analytic studies by conducting systematic research on existing and trending technologies, processes, and methodologies. Compile clear and well-detailed reports outlining the recommendations for changes in the services in scope. Identify discrepancies, and respond to routine inquiries related to the business, technological, and operational activities of the assigned department.
  • Prepare reports, presentations, operational documents, and correspondence containing descriptive, analytical, and evaluative content related to business, technological, and operational activities subject to review and editing by higher-level staff members.
  • Document incidents, problems, changes, and service requests with relevant information to allow continuous improvement within the support team and of the end-user satisfaction level. Work in accordance with and advocate the applicable ITIL service delivery processes and functions implemented at the IFRC.
  • Record and treat operational information (general and specific) accurately and confidentially.
  • Maintain regular contact with end-users within the Secretariat as required.
  • Maintain contacts with other support teams involved during the request resolution process.

Education

Required:

  • Engineering degree in computer sciences discipline or equivalent experience
  • ITIL certification or equivalent experience and proven track record of ITIL procedures use in an enterprise environment

Preferred:

  • Project management professional certification
  • Security Operations qualifications/certifications

Experience

  • Minimum 5 years of professional experience in the administration, setup, maintenance, and management of data centers
  • Minimum 5 years of professional experience in the administration, setup, maintenance, and management of Windows Servers, including failover clustering
  • Minimum 3 years of professional experience in the implementation and operational support of Microsoft cloud platforms and services (Azure AD P1, O365 – EXO)
  • Experience with the implementation, configuration, custom dashboard development, and automation of SIEM systems and alerts is preferred
  • Active and hands-on experience in incident hunting using Microsoft provided on-premises and cloud-based platforms and services, and/or well-known third-party applications.
  • Advanced, hands-on PowerShell skills and experience are a must.
  • Minimum 3 years of professional experience in managing enterprise-grade firewall and/or IDS/IPS systems. Knowledge of and ability to effectively troubleshoot issues on protocol layers is a must. Experience with SD-WAN and APM is an advantage.
  • Understanding networking concepts, topologies, subnetting, and protocols: OSI, TCP/UDP, CIDR/VLSM, NAT/PAT, L2TP/IPSEC, BGP/OSPF, VRRP is a must.
  • Experience in service management and reporting tools

Knowledge, Skills and Language

  • Excellent knowledge and proven experience in Windows Server 2012 or 2016, Active Directory, Active Directory Federation Services, and Active Directory Certificate Services management.
  • Excellent knowledge and proven experience with software deployment solution tools (SCCM or Intune is an advantage)
  • Good knowledge of antivirus policies and deployment (McAfee and Microsoft) applied to server and workstation protection
  • Good knowledge of industry-standard monitoring systems (MS SCOM, Azure Monitoring, Zabbix, etc.)
  • Excellent knowledge combined with a profound technical understanding of the various protocols involved in the user/device/claim authentication-authorization, file sharing, email delivery, and cryptography operations in a Microsoft Active Directory Domain infrastructure.
  • Good knowledge of TLS/SSL protocols and certificate management is required.
  • Good knowledge of SOC functions and processes.
  • Proven team player, ability to adjust to different cultures and languages
  • Adept at analysis and problem-solving; solution- and end-user-result-oriented
  • Affinity for teamwork, collaborative attitude, open-minded and adaptable
  • Well organized, able to work under pressure and manage emergencies
  • Good analytical skills to interpret problems and identify solutions and possible side effects.
  • Fluently spoken and written English is required
  • Good command of another IFRC official language (French, Spanish or Arabic) is preferred, Hungarian is an asset

Competencies and Values

Accountability National Society relations Teamwork Development Integrity Strategic Orientation Collaborating, influencing Building alliances Building trust Effective communication

Comments

“This is a national staff position open to Hungarian nationals and others who are legally eligible to work in Hungary. Candidates must be able to provide proof of their eligibility to work in Hungary.”

This vacancy is archived.