Cyber Security Engineer (SG)(P3)
IMPORTANT NOTICE REGARDING APPLICATION DEADLINE: Please note that the closing date for submission of applications is indicated in local time as per the time zone of the applicant’s location.
Organizational Setting
The Department of Safeguards carries out the IAEA’s duties and responsibilities as the world’s nuclear inspectorate, supporting global efforts to stop the spread of nuclear weapons. The primary role of the Department is to develop and implement IAEA safeguards to ensure that there is no diversion of declared nuclear material from peaceful activities and no indications of undeclared nuclear material or activities in a State as a whole.
The Department comprises nuclear safeguards inspectors, responsible for carrying out inspections and verifications of all-safeguards relevant information for nuclear facilities in over 180 States; and technical staff responsible for a wide range of activities including: developing concepts and approaches for implementing safeguards; developing and maintaining safeguards equipment; providing analytical and laboratory services for sample analysis; collecting, evaluating and analysing safeguards-relevant information; providing information and communication technology infrastructure and services; and providing programme coordination support.
The Office of Information and Communication Systems (SGIS) is responsible for the provision of secure Information and Communication Technology (ICT) services that enable the Department of Safeguards to deliver on its mandate. Major services provided by SGIS include provision of information technology project management services; development and maintenance of specialized ICT solutions; operation of resilient ICT infrastructure; provision of customer support services; and protection of safeguards information. In partnership with other organizational entities, SGIS is responsible for planning and implementing ICT strategies as well as promoting ICT standards.
Main Purpose
The Cyber Security Engineer is part of the Safeguards Security Group and a key contributor to the cyber security operations and defence activities for the Department of Safeguards and the Division of Nuclear Security. The purpose for this role is to deploy, configure, and evolve cyber threats prevention, detection, and monitoring capabilities. He/she will manage, improve, and scale up detection/response program engaging in innovative work related to identification and hunting for novel threats; administration of security information and events management and security orchestration tools; as well as provide subject matter support for cyber security operations to assure best-in-class protection and incident response.
Role
The Cyber Security Engineer is (a) a technical specialist that solves challenging security problems, usually at the intersection of detection, response, and security automation; (b) a technical expert who can understand and evaluate cyber threat landscape, with the ability to present risks and multiple possible solutions in a logical and constructive manner; (c) a practical problem solver with a can-do attitude and sense of ownership and accountability.
Functions / Key Results Expected
Core Competencies (Competency Framework)
Name Definition
Communication Communicates orally and in writing in a clear, concise and impartial manner. Takes time to listen to and understand the perspectives of others and proposes solutions.
Achieving Results Takes initiative in defining realistic outputs and clarifying roles, responsibilities and expected results in the context of the Department/Division’s programme. Evaluates his/her results realistically, drawing conclusions from lessons learned.
Teamwork Actively contributes to achieving team results. Supports team decisions.
Planning and Organizing Plans and organizes his/her own work in support of achieving the team or Section’s priorities. Takes into account potential changes and proposes contingency plans.
Functional Competencies
Name Definition
Client orientation Helps clients to analyse their needs. Seeks to understand service needs from the client’s perspective and ensure that the client’s standards are met.
Commitment to continuous process improvement Plans and executes activities in the context of quality and risk management and identifies opportunities for process, system and structural improvement, as well as improving current practices. Analyses processes and procedures, and proposes improvements.
Technical/scientific credibility Ensures that work is in compliance with internationally accepted professional standards and scientific methods. Provides scientifically/technically accepted information that is credible and reliable.
Required Expertise
Function Name Expertise Description
Information Technology IT Security Experience in participating in IT security incident response, forensics, vulnerability assessment, software assessments, and other IT security areas.
Information Technology Information Security and Risk Management Managing information security risk through the application of technical, procedural, detective, and other types of controls, monitoring their progress, and assessing their maturity levels.
Information Technology Network Security Understand internetworking, the associated protocols, the application layers of stacks, and the ability to analyze network traffic and activity data for issues and anomalies.
Information Technology Software Engineering Can automate work using code and create tools to contribute to the team and its work.
Information Technology Systems Administration Specify, implement, and manage security systems and the platforms they run on.
Asset Expertise
Function Name Expertise Description
Management and Programme Analysis Project Management Demonstrated expertise in managing security projects and delivering complex, multi-stakeholder products that reduce risk or bring about new capabilities.
Information Technology Systems Administration Manage platform for security tools running on the Linux operating system
Qualifications, Experience And Language Skills
The IAEA offers an attractive remuneration package including a tax-free annual net base salary starting at US $64121 (subject to mandatory deductions for pension contributions and health insurance), a variable post adjustment which currently amounts to US $ 32061*, dependency benefits, rental subsidy , education grant , relocation and repatriation expenses ; Other benefits include 6 weeks' annual leave, home leave travel , pension plan and health insurance. More information on the conditions of employment can be found at: https://www.iaea.org/about/employment/professional-staff/conditions
General Information
SGIS-Safeguards Security Group
Primary Location
Austria-Vienna-Vienna-IAEA Headquarters
Job Posting
2023-05-25, 1:26:30 PM
Closing Date
2023-06-25, 11:59:00 PM
Duration in Months
36
Contract Type
Fixed Term - Regular
Probation Period
1 Year
Full Competitive Recruitment
Yes
Organizational Setting
The Department of Safeguards carries out the IAEA’s duties and responsibilities as the world’s nuclear inspectorate, supporting global efforts to stop the spread of nuclear weapons. The primary role of the Department is to develop and implement IAEA safeguards to ensure that there is no diversion of declared nuclear material from peaceful activities and no indications of undeclared nuclear material or activities in a State as a whole.
The Department comprises nuclear safeguards inspectors, responsible for carrying out inspections and verifications of all-safeguards relevant information for nuclear facilities in over 180 States; and technical staff responsible for a wide range of activities including: developing concepts and approaches for implementing safeguards; developing and maintaining safeguards equipment; providing analytical and laboratory services for sample analysis; collecting, evaluating and analysing safeguards-relevant information; providing information and communication technology infrastructure and services; and providing programme coordination support.
The Office of Information and Communication Systems (SGIS) is responsible for the provision of secure Information and Communication Technology (ICT) services that enable the Department of Safeguards to deliver on its mandate. Major services provided by SGIS include provision of information technology project management services; development and maintenance of specialized ICT solutions; operation of resilient ICT infrastructure; provision of customer support services; and protection of safeguards information. In partnership with other organizational entities, SGIS is responsible for planning and implementing ICT strategies as well as promoting ICT standards.
Main Purpose
The Cyber Security Engineer is part of the Safeguards Security Group and a key contributor to the cyber security operations and defence activities for the Department of Safeguards and the Division of Nuclear Security. The purpose for this role is to deploy, configure, and evolve cyber threats prevention, detection, and monitoring capabilities. He/she will manage, improve, and scale up detection/response program engaging in innovative work related to identification and hunting for novel threats; administration of security information and events management and security orchestration tools; as well as provide subject matter support for cyber security operations to assure best-in-class protection and incident response.
Role
The Cyber Security Engineer is (a) a technical specialist that solves challenging security problems, usually at the intersection of detection, response, and security automation; (b) a technical expert who can understand and evaluate cyber threat landscape, with the ability to present risks and multiple possible solutions in a logical and constructive manner; (c) a practical problem solver with a can-do attitude and sense of ownership and accountability.
Functions / Key Results Expected
- Manage and evolve the content development within the Security Information and Event Management SIEM platform which includes use case creation, dashboard design, tuning of use cases and development of playbooks to minimize false positives.
- Configure event collections/ logging of events relevant to cybersecurity to integrate with the SIEM tool to enable near real-time alerting.
- Conduct regular threat hunting and independent threat research to augment and feed custom use case creation.
- Leverage advanced knowledge of security operations, cyber security tools, intrusion detection, and network security to detect, investigate, or prevent cyber intrusions.
- Perform in-depth analysis of security events, including malware analysis, network forensics detection, as well as share practices with junior incidents handlers.
- Collaborate with peers and lead development of dashboards, reports, and alerts to meet tactical cybersecurity requirements and monitor for indications of compromise.
- Act as an escalation point and take the role of technical subject matter expert and occasionally serve as incident manager in order to handle cyber intrusions and incidents.
- Contribute to the development of operational reporting and metrics such as KPIs, KRIs; produce regular and ad-hoc threat and event reports for the direct supervisor and the management team.
- Collaborate with the enterprise IT peers to appropriately configure cybersecurity systems and services that affect the overall security posture for the organization.
Core Competencies (Competency Framework)
Name Definition
Communication Communicates orally and in writing in a clear, concise and impartial manner. Takes time to listen to and understand the perspectives of others and proposes solutions.
Achieving Results Takes initiative in defining realistic outputs and clarifying roles, responsibilities and expected results in the context of the Department/Division’s programme. Evaluates his/her results realistically, drawing conclusions from lessons learned.
Teamwork Actively contributes to achieving team results. Supports team decisions.
Planning and Organizing Plans and organizes his/her own work in support of achieving the team or Section’s priorities. Takes into account potential changes and proposes contingency plans.
Functional Competencies
Name Definition
Client orientation Helps clients to analyse their needs. Seeks to understand service needs from the client’s perspective and ensure that the client’s standards are met.
Commitment to continuous process improvement Plans and executes activities in the context of quality and risk management and identifies opportunities for process, system and structural improvement, as well as improving current practices. Analyses processes and procedures, and proposes improvements.
Technical/scientific credibility Ensures that work is in compliance with internationally accepted professional standards and scientific methods. Provides scientifically/technically accepted information that is credible and reliable.
Required Expertise
Function Name Expertise Description
Information Technology IT Security Experience in participating in IT security incident response, forensics, vulnerability assessment, software assessments, and other IT security areas.
Information Technology Information Security and Risk Management Managing information security risk through the application of technical, procedural, detective, and other types of controls, monitoring their progress, and assessing their maturity levels.
Information Technology Network Security Understand internetworking, the associated protocols, the application layers of stacks, and the ability to analyze network traffic and activity data for issues and anomalies.
Information Technology Software Engineering Can automate work using code and create tools to contribute to the team and its work.
Information Technology Systems Administration Specify, implement, and manage security systems and the platforms they run on.
Asset Expertise
Function Name Expertise Description
Management and Programme Analysis Project Management Demonstrated expertise in managing security projects and delivering complex, multi-stakeholder products that reduce risk or bring about new capabilities.
Information Technology Systems Administration Manage platform for security tools running on the Linux operating system
Qualifications, Experience And Language Skills
- University Degree in computer Science, Information Management, IT Security or equivalent relevant experience. Four (4) additional years of experience may be considered in lieu of University Degree.
- Internationally recognised security relevant certification, such as CISSP, OSCP, GCIA, CYSA, or related certifications, is an asset.
- At least 5 years of relevant experience in information security, out of which at least 2 years performing digital forensics and incident handling tasks or management of threat detection and response automation tools.
- Proven experience in creating custom rules, dashboards, and reports using Endpoint Detection and Response (EDR) or Nextgen Antivirus (NGAV) tools is an asset.
- Ability to develop use cases for one of the following platforms: Splunk ES, QRadar, Sentinel, Sumo Logic, Exabeam, Chronicle, Sentinel, Log Rhythm and ELK (Elastic, Logstash, Beats, Kibana) stack
- Proven ability to use scripting skills for automation of cyber security response or technical threat intelligence processing.
- Knowledge of the Cyber Kill Chain methodology, Mitre Attack Framework, and Malware analysis methods is an asset.
- Experience in Linux system engineering and administration is an asset.
- Excellent oral and written command of English. Knowledge of other official IAEA languages (Arabic, Chinese, French, Russian and Spanish) is an asset.
The IAEA offers an attractive remuneration package including a tax-free annual net base salary starting at US $64121 (subject to mandatory deductions for pension contributions and health insurance), a variable post adjustment which currently amounts to US $ 32061*, dependency benefits, rental subsidy , education grant , relocation and repatriation expenses ; Other benefits include 6 weeks' annual leave, home leave travel , pension plan and health insurance. More information on the conditions of employment can be found at: https://www.iaea.org/about/employment/professional-staff/conditions
General Information
- The IAEA’s paramount consideration in the recruitment of staff member is to secure employees of the highest standards of efficiency, technical competence and integrity.
- Staff Members shall be selected without any unfair treatment or arbitrary distinction based on a person’s race, sex, gender, sexual orientation, gender identity, gender expression, religion, nationality, ethnic origin, disability, age, language, social origin or other similar shared characteristic or trait.
- The IAEA is committed to gender equality and to promoting a diverse workforce. Applications from qualified women and candidates from developing countries are strongly encouraged.
- Applicants should be aware that IAEA staff members are international civil servants and may not accept instructions from any other authority. The IAEA is committed to applying the highest ethical standards in carrying out its mandate. As part of the United Nations common system, the IAEA subscribes to the following core ethical standards (or values): Integrity , Professionalism and Respect for diversity .
- The IAEA has a zero-tolerance policy on conduct that is incompatible with the aims and objectives of the United Nations and the IAEA, including sexual harassment, abuse of authority and discrimination.
- The evaluation of applicants will be conducted on the basis of the information submitted in the application according to the selection criteria stated in the vacancy announcement. Applicants must provide complete and accurate information. Evaluation of qualified candidates may include an assessment exercise, which may be followed by a competency-based interview.
- Candidates under serious consideration for selection may be subject to reference and background checks as part of the recruitment process.
- Appointment is subject to a satisfactory medical report.
- Staff members may be assigned to any location.
- Candidates appointed to posts in the Professional and higher categories are subject to IAEA rotation policy and their maximum tour of service shall normally be seven years.
- The IAEA retains the discretion not to make any appointment to this vacancy, to make an appointment at a lower grade or with a different contract type, or to make an appointment with a modified job description or for shorter duration than indicated above.
SGIS-Safeguards Security Group
Primary Location
Austria-Vienna-Vienna-IAEA Headquarters
Job Posting
2023-05-25, 1:26:30 PM
Closing Date
2023-06-25, 11:59:00 PM
Duration in Months
36
Contract Type
Fixed Term - Regular
Probation Period
1 Year
Full Competitive Recruitment
Yes
To apply for this job please visit iaea.taleo.net.