Consultant - Cyber Security Operations

The consultant will provide support and expertise in incident response and IT security systems operations within the Security Systems Unit. Responsibilities include analysis of security threats, incident response, threat hunting, and enhancing security monitoring capabilities.

Responsibilities

• Collect and analyse evidence including network traffic, volatile data, logs, and other indicators of compromise in order to identify security threats.
• Perform real-time analysis and correlation of events from a multitude of data sources with a focus on identifying new indicators of compromise and detecting anomalies and potential security incidents.
• Provide technical resolution or escalation of security investigation tickets, ensuring that proper containment, eradication, recovery and lesson-learned activities are maintained.
• Conduct threat hunting exercises across the IAEA's environment based on external threat intelligence and in-house research.
• Suggest opportunities to improve security detection & monitoring capabilities, based on observations, and provide recommendations on tuning of signatures, rules and alerts.
• Propose solutions on creative ways to do work faster, better and more effectively while maintaining a high quality of service.
• Review and update documentation, work instructions, and SOPs for relevant tasks, and provide ongoing reporting to senior management.

Requirements

• A first level university degree in Computer Science, Information Technology or related field highly desirable.
• Minimum 5 years of relevant experience with at least 2 years' experience related to operational security monitoring, incident response experience, technical threat intelligence, or security research.
• Demonstrated experience conducting security analysis, incident response and/or digital forensics, making use of a broad range of data sources and technologies.
• Demonstrated experience using intrusion detection, security information and event management (SIEM) systems, endpoint detection and response (EDR), and other relevant security tools.
• Demonstrated ability to drive changes and provide tangible results.
• Excellent problem-solving skills and experience diagnosing and solving technical issues.
• Strong verbal and written communication skills with ability to communicate effectively and clearly to executive leadership.
• Technical understanding of network fundamentals and common internet protocols.
• Experience with one or more programming or scripting languages is desirable.
• Excellent knowledge of English. Knowledge of other official IAEA languages (Arabic, Chinese, French, Spanish and Russian) an asset.

Skills

• Operational Security Monitoring
• Incident Response
• Technical Threat Intelligence
• Security Research
• Security Analysis
• Digital Forensics
• Intrusion Detection
• Security Information and Event Management
• SIEM
• Network Detection and Response
• EDR
• Security Tools
• Networking Fundamentals
• Internet Protocols
• Programming Languages
• Scripting Languages
• Problem Solving
• Technical Issue Diagnosis
• Security Monitoring
• Threat Hunting

Languages

English