AN/004 2018 IT Security Assistant (2 Positions)

Published on 12 April 2018 by OIM

Application deadline: 13 April 2018

This position is based in the Panama Administrative Centre (PAC), headed by the Director of PAC. Information and Communications Technology (ICT) is one of the divisions with its operations delocalized to PAC.

Under the overall supervision of the Disaster Recovery Manager, and under the direct supervision of the IT Security Officer, the incumbent is part of the Information Security team.

The successful candidate will be an experienced Security Information and Event Management (SIEM) Engineer with demonstrated competence and thought leadership capability to contribute toward the success of our technology initiatives. This individual will focus on building and tuning security alerts and reports, and on assisting with use of the SIEM for real-time investigation and analysis.

Core Functions / Responsibilities:

1. Responsible for selection, design, documentation, and deployment of IOM’s SIEM solution.
2. Responsible for designing, building, testing and implementation of log sources into the SIEM.
3. Responsible for designing, building, testing and implementation of security alerts and reports using knowledge of event source logs and network packet data.
4. Partner with other operations teams to tune out false positives from alerts.
5. Improve the ability to build complex security alerts by making and implementing recommendations on event source coverage, log and packet meta-tagging, and log and packet filtering.
6. Design and build dashboards in the SIEM.
7. Assist users of the SIEM in real-time investigation and analysis.
8. Evaluates and recommends new and emerging security products and technologies.
9. Stay abreast of current technologies, security compliance requirements, standards and industry trends to help achieve the goals of the department.
10. Research and document security best practices to continually improve the deployment and use of the SIEM.
11. Maintain the health, performance, stabilization, tuning and ongoing planning of the SIEM platform.
12. Support and evolve the SIEM platform.
13. Partners with groups within the organization to ensure successful deployments of the SIEM.
14. Partners with other Cyber Defense teams in the integration of security tools with the SIEM.
15. Performs the daily operation and execution of security-related tools, processes, and controls related to cyber defense initiatives.
16. Looks for ways to optimize security processes and recommends opportunities and solutions for improvement and automation.
17. Supports and mentors other members of the team.
18. Supports and participates in incident response and technical investigations as needed.
19. Ensures adherence to compliance regulations and policies. Works to develop and interpret security policies and procedures.
20. Supports acquisition and vendor risk assessment due diligence.

Required Qualifications and Experience


• Completed university degree in Computer Sciences, Engineering or relevant field from an accredited academic institution.
• Industry-adopted security certification (e.g., CISSP).

• 4+ years’ experience in a SOC environment.
• 4+ years of experience with SIEM solutions (ArcSight, QRadar, AlienVault, LogRhythm, Splunk, etc.).
• 4+ years’ experience with processes, tools, techniques, and practices for assuring adherence to standards associated with accessing, altering and protecting organizational data.
• Advanced experience with complex event processing (CEP).
• Expert experience in log data analysis for identifying malicious behavior and security threats.
• Advanced to expert experience in network packet analysis for identifying malicious behavior and security threats.
• Ability to recognize security events of interest that may require improved detection/alerting capabilities.
• Advanced experience with both structured (relational) and unstructured databases.
• Advanced experience with process automation and scripting (e.g., XML, C, VBA, Regular Expressions, Python, Perl, etc.).
• Experience with SNMP, Syslog, WinRM, etc.
• Strong attention to detail and process.
• Excellent organizational, time management and interpersonal skills.
• Project Management skills.
• Security and IT Metrics experience a plus.
• Understanding and application of NIST or other security control frameworks.

Languages

• Fluency in English and Spanish
• Working knowledge of French is an advantage

Interested candidates are invited to submit their applications via e-mail to, by April 26, 2018 at the latest, referring to this advertisement.

In order for an application to be considered valid, IOM only accepts documentation duly completed (resume in the format attached and intention letter).