Consultant – Information Security Officer, Local (HQ Gaza)

Gaza, Palestinian Territory
This job has expired.

JOB DETAIL

Result of Service

UNRWA is an equal opportunity employer and welcomes applications from both women and men.
UNRWA encourages applications from qualified women. Only those applicants shortlisted for an interview will be contacted. UNRWA is a non-smoking environment.

Work Location

Gaza

Expected duration

6 to 11 months

Duties and Responsibilities

• Provide analysis and trending of security log data from a large number of heterogeneous security devices.
• Perform deep analysis of potential security incidents to identify the full kill chain.
• Provide threat and vulnerability analysis as well as security advisory services.
• Analyze and respond to previously undisclosed software and hardware vulnerabilities.
• Investigate, document, and report on information security issues and emerging trends.
• Evaluation and prioritization of detected alerts.
• Analyze the security alerts produced by the various security controls, evaluate the issues reported, research the problems and possible solutions, and liaise with teams to support them with the remediation of any possible issues.
• Assisting in IT security investigations, exercises, and tests
• Provide recommendations to end-users for containment and eradication of threats.
• The configuration of the Security controls to minimize false positives and optimize detection capabilities.
• Generate new use cases for emerging threats.
• Conduct monthly security use case review and correlation audits.
• Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences.
• Responsible for working in a 24×7 Security Operations Center (SOC) environment.
• Produce and update security operations processes and procedures.
• Transfer knowledge to colleagues via delivery of training/mentoring and clear concise documentation
• Undertake forensic investigations.
• Support the SOC Manager in his duties (e.g., extension of SOC services to new sites)

Qualifications/special skills

Academic Qualifications:

A university degree or master’s degree from an accredited educational institution in information technology, information management, Information systems, computer science, computer engineering, Software engineering, or other related disciplines.

Experience:

• A minimum of 5 years of experience for a bachelor’s degree and a minimum of 3 years for a master’s degree in IT Operations, Software Development, Security, or related experience.
• Experience of dealing with stressful contexts and situations when facing a cyber crisis.
• Experience of working and partnering with other technology teams to resolve cyber security incidents.
• Experience of persuading technical individuals and teams who share different objectives and priorities to deliver the security activities expected from them.
• Demonstrated experience of strong knowledge in information security principles (security principles applied to architecture, network & systems, cyber forensic, security risk assessment, software development).
• Demonstrated experience leading efforts to identify and resolve systems issues.
• Demonstrated experience in network analysis and advanced networking fundamentals.
• Experience working with security event detection tools like IPS, SIEM, DLP, Anti-virus, EDR, UEBA, etc.
• Ability to perform event correlation, host/ network threat analysis.
• Ability to manage multiple incidents and make effective decisions in a high-pressure environment.
• Understanding of Network infrastructure hardware and protocols (TCP/IP, switches, bridges, routers, proxy servers, VPN concentrators).
• Understanding of Security protocols (IPSec), and encryption technologies (3DES, AES, SHA2, TLS).
• Understanding of basic security principles such as Confidentiality, Availability, Integrity and familiarity with security best practices.
• The ability to demonstrate a dynamic interest in solving information security issues; analytical ability to break down problems into constituent parts.
• Good understanding of Azure Cloud Technologies
• Experience with one of the SIEM solutions
• Hands-on experience with one of the EDR solutions

DESIRABLE EXPERIENCE
• Experience of performing threat hunting and digital forensics on computers, servers, or network assets
• Experience of developing scripts (Python, REGEX, PowerShell, Shell, etc.) quickly in reaction to incidents or for proof of concepts

Competencies:
• Actionable knowledge of MITRE ATT&CK framework
• Effective communicator, both in writing and verbally, with a positive and confident attitude, towards both technical personnel without expertise and non-technical personnel such as senior management
• Excellent planning and organizing skills.
• Strong troubleshooting, reasoning, and problem-solving skills.
• Team player, excellent communication skills, good time management.
• Knowledge of NIST framework and OWASP
• Flexibility to handle several information security issues simultaneously.
• Aptitude for solving problems and acting on own initiative.
• Highly motivated with a willingness to learn new technologies.
• Strong ability to drive for results, to manage and deliver against multiple priorities on time.
• Knowledge of various operating system flavours including but not limited to Windows, Linux, Unix
• In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
• Exposure and experience working with security applications such as firewall, anti-virus, patch management, vulnerability management.

Language:

• Fluent in spoken and written English.

Service Conditions:

• The duration of the consultancy is 6 to 11 months, extendable according to performance and availability of funds.
• Remuneration for this consultancy will be USD $1,592.60, depending on fund availability, qualifications, and relevant experience.
• The incumbent will be only in Gaza.

Additional Information

The UNRWA Information Management and Technology Department (IMTD) is seeking an information security analyst who will be responsible for security monitoring and incident response of the UNRWA Cyber environment. Your background should include exposure to security technologies including Cloud, firewalls, IPS/IDS, logging, monitoring, and vulnerability management. You should understand network security practices. Excellent customer service while solving problems should be a top priority for you. Scalar is a fast-paced, entrepreneurial environment, so to be successful you’ll need to be a pro-active individual, take direction well, communicate succinctly and collaborate effectively.

The consultant will report administratively to the Head, Information Technology Service Centre at Headquarters Gaza and technically to the Head, Information Security Office at Headquarters Amman.

• Please indicate if you are a Palestinian Refugee and provide your registration card number if applicable.

No Fee

THE UNITED NATIONS DOES NOT CHARGE A FEE AT ANY STAGE OF THE RECRUITMENT PROCESS (APPLICATION, INTERVIEW MEETING, PROCESSING, OR TRAINING). THE UNITED NATIONS DOES NOT CONCERN ITSELF WITH INFORMATION ON APPLICANTS’ BANK ACCOUNTS.
