The International Committee of the Red Cross (ICRC) is a neutral, impartial and independent humanitarian organization that works to protect and assist people affected by armed conflict and other situations of violence. To find out more about ICRC’s mission and its activities visit www.icrc.org.
The Security Operations Center Engineer provides day-to-day operation of the ICRC's hybrid Security Operations Center (SOC), working under the supervision of the ICRC's SOC Coordinator and the overall ICRC Chief Security Information Officer function (CISO).
As part of a dedicated team based in Belgrade, the SOC engineer works as a Cyber Security Operations Center (SOC) analyst to prevent, detect, analyze, respond to and report on cyber security incidents across the global ICRC IT landscape.
The Belgrade Shared Services Centre is looking for suitable candidates to fill the following position:
Security Operations Center Engineer
(location: Belgrade)
MAIN TASKS
- Supports the SOC coordinator and CISO function in the delivery of the overall ICRC cyber security strategy
- Contributes to the continuous improvement and evolution of the overall SOC mission
- Cyber security monitoring:
  - Interfaces with the SOC service provider for suspected cyber security incidents
  - Acts as the contact point behind standard reporting channels for suspected cyber security incidents
- Cyber security incident response:
  - Validates, triages, prioritizes and manages Tier 1 cases
  - Manages specific Tier 2 tasks assigned by the SOC Coordinator
  - Provides cyber security incident handling assistance to ICRC constituents and support teams
  - Disseminates incident-related information to constituents and concerned parties via the given process, tooling and communication channels
  - Appropriately preserves evidence from impacted computing environments
  - Ensures containment, eradication and recovery tasks are appropriately performed
  - Escalates unresolved, persistent or repetitive cases to the SOC Coordinator
- Vulnerability management:
  - Supports operation of the global vulnerability management process
  - Coordinates remediation activities
  - Validates and verifies remediation activities
  - Escalates unresolved, persistent or repetitive vulnerabilities to the SOC Coordinator
REQUIRED PROFILE
- A University degree in Computer Science, Engineering or related field
- At least 2 years of relevant professional experience related to enterprise IT operations
- Ability to manage workflows within dedicated case management and common service management tooling
- Working knowledge of common desktop and server OS, container technology, databases and network administration/management
- Working knowledge of the OSI network stack, including major IPv4/IPv6 protocols using TCP/UDP such as SMTP, HTTP, DNS, SNMP, LDAP etc.
- Fluency in 1 or more scripting languages
- Familiarity with core FOSS tools (e.g. tcpdump, Wireshark)
- Basic knowledge of core crypto solutions including AES, RSA, DH, SHA, Kerberos, NTLMv2, TLS, OpenSSL
- Basic knowledge of enterprise security architecture and engineering
- Basic knowledge of digital forensics
- Ability to work in English (written and spoken)
- Solid sense of integrity, limits and understanding of the overall SOC organization and wider mission
- Problem-solving and time management are essential
- Ability to work in an international & multicultural environment
- Ability to adapt to high tempo, high stress environments
ASSETS
- Major in Security
- Certification relevant to computer network defense such as SANS GIAC, CEH, Security+ and/or Offensive Security
- Python and/or PowerShell/PowerShell Core
- French and/or Spanish
WHAT WE OFFER
- Work and progressive professional development in an exciting international environment
- An inspiring opportunity to practice your profession in a humanitarian and multicultural organization
- Stimulating benefits package
If you are interested in this position, please send us your CV and motivation letter exclusively in English.
Only shortlisted candidates will be contacted.