This position will be hybrid, requiring 8 days per month in the office, and can be based in the WRI office in The Hague, London or Kenya. Existing work authorization is required at the time of application submission. WRI is unable to provide visa work sponsorship for this position.

About the Program:

Our Operations Department strives to assist our global offices in being low-risk and fully capable, enhancing their operational capabilities through a bond of mutual and sustainable growth, a high level of collaboration, and the ability to share knowledge across the sisterhood of offices. You will establish mutually agreed upon standards of performance, measuring the efficiency and effectiveness of the sisterhood of offices. All offices will have a clear focus on achieving a high capacity rating and be able to pass an organizational assessment to ensure the ability of donors to provide funding directly. The department strives for transparent processes across our network to manage and mitigate the institutional risks – operational, personnel, financial, and political.

Job Highlight:

Reporting to the Senior Manager, Information Security System, you will manage daily security operations. This includes alert/incident management, Azure Security Center, user identity and access management, and asset compliance and reporting. You will be supported by the Systems and Network administrator, Operations. You will also manage Microsoft user licenses and white-listed software licenses. You will be supported by your team members in IT and IT security. Currently, we have about ten team members in IT who will directly or indirectly support you.

What will you do:

Monitor and Respond to Security Incidents, requests, and queries (25%):

  • Monitor and Respond to Security Incidents, requests, and queries (Cyber, Privacy, and Fraud)
  • Initiate Emergency Response Process when needed
  • Drive the lifecycle of security incidents from initial triage through root-cause-analysis & corrective/preventive measures
  • Efficient communication with key stakeholders including senior responders & Support Teams during Security Incidents

Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements (25%):

  • Ability to identify compromised computers using logs, packet capture, and related computer-centric evidence sources
  • Develop advanced capabilities necessary to monitor and detect indicators of compromise using security scripts, tools, and services
  • Must have good knowledge of Kusto Query Language (KQL)
  • Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements

Vulnerability and License Management (25%):
