Job Purpose

The position holder specializes in IT security operations, focusing on providing timely, cost-effective services to ensure confidentiality, integrity, and availability targets are met, meeting and exceeding requirements to support critical business applications and end-user services.

The job purpose is to:

  • Deliver and maintain high-quality IT security architectures, processes, and operations on server/data center infrastructure environments;
  • Act as subject matter expert in the area of security operations technology and management – using the WinTel platform;
  • Act as a focal point and manage security incidents as a professional subject matter expert within the scope of security operation services;
  • Preserve information confidentiality, integrity, and availability through strong security operational competencies;
  • Set operational procedures, endorse their development in alignment with the requirements of security operations activities, keep them up to date, and provide structured operation recommendations to the various IFRC stakeholders and end-users.

Job Duties and Responsibilities

General duties

  • Ensure service security while respecting operating methods defined within the DITD.
  • Manage security operations tools (monitoring and management) to ensure secure server operation and related infrastructure and underlying services for the various business applications and end-user services.
  • Maintain the operational knowledge base in the service management tool; record incidents; provide quality resolution.
  • Establish, update, and manage the operational processes jointly with the team leaders and the Manager – IS Services to guarantee operational level agreements (OLA).
  • Support the IT project managers during the project life cycle and manage related projects if required.
  • Identify, review, and participate in developing IT training solutions to deliver appropriate, cost-effective training on IT topics for users while promoting on-line training opportunities.
  • Contribute actively to the overall satisfaction level of IFRC end-users while developing and promoting effective working relationships within the ITD, the wider IFRC, and the RCRC Movement, including ICRC.
  • Manage personal knowledge and continuously update your skillset on various systems and applications used at IFRC.
  • Adhere to the staff regulations of the IFRC Budapest Global Service Centre and the IT security rules at all times.
  • Communicate effectively with the various IFRC stakeholders within the IT sector, share knowledge, and act as a subject matter expert.

Security Operations

  • Take part in the design, implementation, and continuous improvement of the applicable Security Operational ITIL and Project Management processes and methodologies.
  • Detect and investigate threats and provide a timely and risk-aware response according to the appropriate incident response plans and operational considerations.
  • Act as a technical lead in investigating suspicious and potentially malicious activities using the available monitoring and diagnostic tools, forensic techniques, reverse engineering, and log analytics. Develop and implement automated mechanisms for event correlation – as necessary – between the various cloud and on-premises systems and networks to hunt and track down potential IOCs based on analyzing the patterns in the characteristics of the known attack and threat vectors. Transform seemingly unrelated data points into coherent, actionable intelligence; propose and document appropriate proactive actions to prevent the recurrence of similar incidents.
  • Develop and propagate the use of relevant standard operational procedures, work instructions, and manuals with regards to the installation, configuration, operational maintenance, security compliance, and appropriate use of systems, networks, and services under the responsibility of the Infrastructure support unit.
  • Provide 3rd level operational support for the global networks, network security systems, servers, and other infrastructure components in the unit's scope. Lead the development and UAT testing of change implementation procedures to conduct regular and on-demand maintenance in operational environments, ensuring that the performance predictability, availability, and overall compliance of information systems are within the defined SLA/OLA/Compliance thresholds.
  • Be responsible for the design, implementation, and technological up-to-dateness of security baselines for the various server systems, networks, cloud platforms (SaaS, IaaS, PaaS), business applications, identity management, and security products and services.

Job Duties & Responsibilities 2

  • Support administrative duties related to administrative regulations, policies, processes, procedures, systems, reports, surveys, and forms.
  • Define the scope and lead analytic studies by conducting systematic research on the existing and trending technologies, processes, and methodologies. Compile clear and well-detailed reports outlining the recommendations for changes in the services in scope. Identify discrepancies, and respond to routine inquiries related to the business, technological, and operational activities of the assigned department.
  • Prepare reports, presentations, operational documents, and correspondence containing descriptive, analytical, and evaluative content related to business, technological, and operational activities subject to review and editing by higher-level staff members.
  • Document incidents, problems, changes, and service requests with relevant information to allow continuous improvement within the support team and of the end-user satisfaction level. Work in accordance with and advocate the applicable ITIL service delivery processes and functions implemented at the IFRC.
  • Record and treat operational information (general and specific) accurately and confidentially.
  • Maintain regular contact with end-users within the Secretariat as required.
  • Maintain contacts with other support teams involved during the request resolution process.
  • Communicate key risks to management.

Security Engineering

  • Take responsibility for the design, implementation, and maintenance of information system security controls and countermeasures.
  • Conduct regular analysis and compile recommendations for security controls and procedures in the acquisition, development, change management lifecycle of information systems. Ensure adequate performance and compliance indicators are met and measured against IFRC standards.
  • Proactively analyze and contribute to the development, implementation, and maintenance of information security governance, including organizational policies, procedures, guidelines, and training materials with respect to information security and the appropriate use of information systems.
  • Participate in and support the execution of audit activities in relation to the day-to-day operation and continuous improvement of information security systems, controls, and governance processes. Develop an audit-response plan to ensure that cost-effective control and security measures are implemented and risks are minimized to an acceptable level.
  • Take part and support the Organization in performing regular and ad-hoc simulated cyber-attacks (penetration tests, phishing-simulations, credential harvesting, and malicious payload delivery simulations), vulnerability, and risk assessment activities. Ensure technically adequate documentation is available for the stakeholders and decision-maker bodies. Develop and lead the execution of comprehensive mitigation plans to address the discovered security issues, gaps, and vulnerabilities based on the associated risk-levels, operational, and project priorities.
  • Act as a subject matter expert for the architecture, build, and secure operation of information systems, including networks, network security systems, computing infrastructure in both on-premises and cloud environments.
  • Participate in the development, implementation, and post-implementation support of related projects to improve IFRC's security posture.

Education

Required:

  • Engineering degree in a computer science discipline or equivalent experience
  • ITIL certification or equivalent experience and a proven track record of using ITIL procedures in an enterprise environment
  • Security Operations certificates or willingness to acquire those deemed necessary.

Preferred:

  • Project management professional certification.

Experience

Required:

  • Minimum 8 years of professional experience in the administration, setup, maintenance, and management of data centers
  • Minimum 8 years of professional experience in the administration, setup, maintenance, and management of Windows Servers, including failover clustering
  • Minimum 3 years of professional experience in the implementation and operational support of Microsoft cloud platforms and services (Azure AD P1, O365 – EXO).
  • Active and hands-on experience in incident hunting using Microsoft provided on-premises and cloud-based platforms and services, and/or well-known third-party applications.
  • Advanced, hands-on PowerShell skills and experience are a must.
  • Minimum 5 years of professional experience in managing enterprise-grade firewall and/or IDS/IPS systems. Knowledge of and ability to effectively troubleshoot issues on protocol layers is a must. Experience with SD-WAN and APM is an advantage.
  • Understanding of networking concepts, topologies, subnetting, and protocols: OSI, TCP/UDP, CIDR/VLSM, NAT/PAT, L2TP/IPSEC, BGP/OSPF, VRRP is a must. Experience in service management and reporting tools.

Preferred:

  • Experience with the advanced configuration, roll-out, and operational support of Microsoft Security Systems and Services: ATA, MCAS, AIP/DLP, Intune, AzureAD PIM, etc.
  • Experience with the implementation, configuration, custom dashboard development, and automation of SIEM systems and alerts.
  • Experience in performing simulated cyber-attacks, risks, and vulnerability assessments.

Knowledge, Skills and Language

  • Excellent knowledge and proven experience in Windows Server 2012 or 2016, Active Directory, Active Directory Federation Services, and Active Directory Certificate Services management.
  • Excellent knowledge and proven experience with software deployment solution tools (SCCM or Intune is an advantage)
  • Good knowledge of antivirus policies and deployment (McAfee and Microsoft) applied to server and workstation protection
  • Good knowledge of industry-standard monitoring systems (MS SCOM, Azure Monitoring, Zabbix, etc.)
  • Excellent knowledge combined with a profound technical understanding of the various protocols involved in the user/device/claim authentication-authorization, file sharing, email delivery, and cryptography operations in a Microsoft Active Directory Domain infrastructure.
  • Good knowledge of TLS/SSL protocols and certificate management is required.
  • Good knowledge of SOC functions and processes.
  • Proven team player, ability to adjust to different cultures and languages
  • Adept at analysis and problem-solving; solution-oriented and focused on end-user results
  • Affinity for teamwork, collaborative attitude, open-minded and adaptable
  • Well organized, able to work under pressure and manage emergencies
  • Good analytical skills to interpret problems and identify solutions and possible side effects
  • Fluently spoken and written English
  • Good command of another IFRC official language (French, Spanish or Arabic) is preferred.

Competencies and Values

  • Accountability
  • National Society relations
  • Teamwork
  • Development
  • Integrity
  • Strategic Orientation
  • Collaborating, influencing
  • Managing performance
  • Building alliances
  • Building trust
  • Effective communication

Comments

“This is a national staff position open to Hungarian nationals and others who are legally eligible to work in Hungary. Candidates must be able to provide proof of their eligibility to work in Hungary.”


This vacancy is archived.
