Consultant – Cyber Security Engineer

Organizational Setting

The Division of Information Technology provides support to the IAEA in the field of information and communication technology (ICT), including information systems for technical programmes and management. It is responsible for planning, developing and implementing an ICT strategy, for setting and enforcing common ICT standards throughout the Secretariat and for managing central ICT services. The IAEA’s ICT infrastructure comprises hardware and software platforms, and cloud and externally-hosted services. The Division has implemented an IT service management model based on ITIL (IT Infrastructure Library) and Prince2 (Projects in a Controlled Environment) best practices.

The Infrastructure Services Section (ISS) is responsible for implementing, maintaining, and administering the ICT systems and services for high availability; designing, implementing, and operating IT security services; and managing the data centre. The platforms include Microsoft Windows servers, Linux servers, Oracle EBS infrastructure, data storage, and transmission networks, serving more than 2500 staff, as well as over 10000 external users around the world. The Section includes three Units: Network and Telecommunications, Enterprise Systems, and Security Systems.

Main Purpose

The purpose of the consultancy is to provide technical advice and expertise to new and on-going short-term and long-term projects/ activities to hardening the foundation of our computing environment.

Under supervision of the IT Security Head, the consultant will be serving as an infrastructure security engineer and will be responsible for the global enterprise network security. The consultant will ensure implementations, operational maintenance, and provide technical expertise for various security technologies as typical of an enterprise global environment.

Functions / Key Results Expected

• Collect and analyse evidence including network traffic, volatile data, logs, or other indicators of compromise in order to identify security threats.
• Perform real-time analysis and correlation of events from a multitude of data sources with a focus on identifying new indicators of compromise or determine anomalies and potential security incidents.
• Design, implement, and manage the organization’s Cloud SIEM.
• Provide technical resolution of security investigation tickets, ensuring that proper containment, eradication, recovery and lessons-learned activities are maintained.
• Advise on opportunities to improve security detection & monitoring capabilities, provide recommendations for, and implement tuning of signatures, rules and alerts.
• Identify and characterize new emerging technologies, trends, security methods, and threats based on relevant organizational context.
• Propose and implement creative solutions to work faster, better and more effectively while maintaining a high quality of service.
• Advise on the management and improvement of the organization’s Email Security Gateway to protect against threats such as phishing, malware, and spam.
• Optimize IAEA’s Endpoint Detection and Response and Cloud Security Solutions.
• Develop and implement technical solutions and new security tools to help strengthen the organization’s security posture, mitigate security vulnerabilities and automate repeatable tasks.

Knowledge, Skills and Abilities

Required –

Skills and Expertise

•    Network Engineering

•    Network Security

•    Network Architecture

•    IT Security

Qualifications and Experience

• University degree in Computer Science or other related field.
• Minimum of five years of relevant experience with at least 2 years’ experience related to operational security monitoring, incident response experience, technical threat intelligence, or security research.
• Demonstrated experience using Firewalls, Intrusion Detection/Prevention Systems,, Cloud Solutions, and Log Aggregation Technology to conduct analysis for evidence of network penetrations and data theft.
• Demonstrated experience using intrusion detection, security event management systems, and other applicable security tools.
• Demonstrated ability to drive changes and provide tangible results.
• Excellent problem-solving skills that would allow for the ability to diagnose and troubleshoot technical issues.
• Strong verbal and written communication skills with ability to communicate effectively and clearly to executive leadership.
• Technical understanding of network fundamentals and common internet protocols.
• Ability to use one or more of the programming languages Java, C , Python, Ruby, PHP, JavaScript, etc.

Remuneration

The remuneration for this consultancy is a daily fee of up to a maximum of € 375, based on qualifications and experience. In case duty travel is required within the assignment, a daily subsistence allowance (DSA) and travel costs are provided. Health coverage and pension fund are the responsibility of the incumbent.