  • Posted: Aug 1, 2024
    Deadline: Not specified

    The International Rescue Committee is a global humanitarian aid, relief and development nongovernmental organization.

    Information Security Analyst

    Job Overview/Summary: 

    We are seeking a highly skilled Information Security Analyst to join our SecOps team. This role is purely operational and involves monitoring security information and event management (SIEM) systems, investigating security events, running vulnerability scans, and supporting the service desk. The ideal candidate will have experience with Microsoft Sentinel, ServiceNow ticketing, Qualys, and ZeroFox.

    Major Responsibilities: 

    Cyber Incident Response and IT Security 

    • Continuously monitor the SIEM to identify and analyze potential security incidents and threats.
    • Investigate security events escalated from the service desk or managed security service providers (MSSP), determining the root cause and implementing corrective actions.
    • Run regular vulnerability scans using tools such as Qualys, and work with relevant teams to remediate identified vulnerabilities.
    • Train the service desk on SecOps processes and procedures to ensure effective initial triage of security events.
    • Compile and report on operational metrics to provide insights into the security posture and the effectiveness of security controls.
    • Leverage a Security Information and Event Management (SIEM) system for advanced threat detection and response, utilize an IT service management (ITSM) platform for efficient ticket management, and employ a social media threat monitoring and protection tool.
    • Research the latest information technology security trends to stay up to date with the subject, and use the latest technology to protect information assets.
    • Work with the team to develop a security plan for best standards and practices for the organization.
    • Conduct frequent testing of simulated cyber-attacks to look for vulnerabilities in the systems and take care of these before an outside cyber-attack.
    • Make recommendations to managers and senior executives about security advancements to best protect the organization.
    • Help train junior colleagues in information security.

    Key Working Relationships: 

    • Position Reports to: Manager – Security Operations 
    • Position directly supervises: NA 
    • Indirect Reporting: Director, Security Operations and Engineering Team
    • Other Internal and/or external contacts: 
    • Internal: IT staff across regions, HQ and Nairobi iHub, Safety and Security Team

    Job Requirements: 
    Education

    • Bachelor’s degree or equivalent professional experience. Prefer degree concentration in: Computer Information Systems, Management Information Systems, Computer Science

    Work Experience 

    • Min 2 years in IT security operations, 1 year in a global organization 

    Demonstrated Skills and Competencies

    • Strong knowledge of a Security Information and Event Management (SIEM) system, an ITSM ticketing system, and vulnerability management tools.
    • Ability to analyze complex security issues and provide actionable recommendations.
    • Excellent verbal and written communication skills for training and reporting purposes.
    • Certifications: Relevant certifications such as CEH, or CompTIA Security+ are a plus.
    • Experience: Previous experience in an operational information security role is highly desirable.

    Language Skills: English required; French and Arabic a plus


    Security Operations Manager

    Job Overview/Summary: 

    We are seeking a highly skilled Information Security Manager to join our SecOps team. This role is purely operational and involves monitoring security information and event management (SIEM) systems, investigating security events, running vulnerability scans, and supporting the service desk. The ideal candidate will have experience with Microsoft Sentinel, ServiceNow ticketing, Qualys, and ZeroFox.

    Major Responsibilities: 

    • Continuously monitor the SIEM to identify and analyze potential security incidents and threats.
    • Investigate security events escalated from the service desk or managed security service providers (MSSP), determining the root cause and implementing corrective actions.
    • Run regular vulnerability scans using tools such as Qualys, and work with relevant teams to remediate identified vulnerabilities.
    • Train the service desk on SecOps processes and procedures to ensure effective initial triage of security events.
    • Compile and report on operational metrics to provide insights into the security posture and the effectiveness of security controls.
    • Leverage Microsoft Sentinel for advanced threat detection and response, utilize ServiceNow for efficient ticket management, and employ ZeroFox for social media threat monitoring and protection.
    • Lead a team of highly capable Security engineering staff who maintain security for system environments.
    • Ability to mentor and the capability to influence the group.
    • Create and drive proactive monitoring and reporting for endpoint and system health including, patching, compliance, and other performance metrics.
    • Manage vulnerability remediation and incident handling across global resources
    • Implement new security technologies as required to support a dynamic/challenging business environment
    • Identify operational opportunities to implement security orchestration and automation capabilities
    • Support InfoSec-managed tools and enforcement of global security controls
    • Effectively provide general information security guidance & technology support to the business
    • Manage on call schedule and incident escalations
    • Maintain the day to day operations of configuration management platforms including application deployment and settings distribution
    • Work as the escalation point between various teams for Security related activities.
    • Drive client and system security model and best practices
    • Drive business decisions through data using tools like Splunk
    • Integrate with other internal systems and tools
    • Manage transition plans for major upgrades or patches
    • Diagnose and investigate unique and complex systemic problems
    • Work proficiently with minimal daily guidance and bring mature seasoned skills when working
    • Evaluate and communicate security risk to a wide and varying audience

    Key Working Relationships: 

    • Position Reports to: Director, Security Operations and Engineering Team
    • Position directly supervises: One or more analysts
    • Indirect Reporting: CISO, Senior Director Technology, Operations & Information Security  
    • Other Internal and/or external contacts: 
    • Internal: IT leadership and staff across regions, HQ and Nairobi iHub, global Safety and Security Team, line personnel across all regions, emphasis on International Programs.
    • External: Participates in sector discussions of IT security-related issues.

    Job Requirements: 

    • Education: Bachelor’s degree in an information systems-related field required.
    • Work Experience: 3-6 years in IT system design, implementation and operations in a global organization; 1-3 years with IT security systems

    Demonstrated Skills and Competencies: 

    • Significant knowledge in planning, directing, and managing Computer Incident Response Team (CIRT) and/or Security Operations Center (SOC) operations for a large global enterprise
    • Ability to manage stressful situations, handle incidents, maintain a close working knowledge of security issues and appropriate countermeasures, and contribute to a 24x7x365 support environment.
    • Ability to maintain situational awareness of escalated events and alerts, tools status, vulnerability status, forensics and malware investigations, intelligence status, and all other SOC functions
    • Validated working experience with enterprise-class cloud technologies based on the M365 E5 stack, as well as firewalls, messaging security (e.g. S/MIME, TLS, DMARC/SPF/DKIM), encryption, MS Defender (all platforms), Azure Entra, ServiceNow, etc.
    • Proven capacity to be a self-starter and work remotely with limited reliance on supervision
    • Good interpersonal skills required to help identify key relationships and to maintain them.
    • Strong oral and written communications skills 
    • Familiar with security controls or concepts related to various security community groups or standards: CISSP Domains, NIST cybersecurity & privacy frameworks, CIS benchmarks, OSI model
    • Proven experience within Incident Response situations and demonstrated ability to handle and maintain confidential information in a professional manner
    • Must possess strong written and verbal communication skills, and be capable of understanding, documenting, communicating, and presenting technical issues in a non-technical manner to audiences with varying degrees of technical expertise
    • Be a team player and enjoy collaborating on cross-functional teams
    • Familiar with compliance and privacy regulations such as PCI, GDPR, CCPA, SOX, and other regulations/standards
    • Leadership skills and the ability to mentor or provide guidance to teams

    Language Skills: English required; French and Arabic a plus

    Certificates or Licenses: 

    • CISSP, CCSP, or other relevant industry security-focused certifications preferred

    Working Environment: Hybrid, including remote and standard office work environment.

    Travel: up to 5%; two trips annually to NYHQ.

    Method of Application

    Use the link(s) below to apply on company website.

     
