IMPORTANT NOTICE REGARDING APPLICATION DEADLINE: Please note that the closing date for submission of applications is indicated in local time as per the time zone of the applicant’s location.

Organizational Setting

The Department of Safeguards carries out the IAEA’s duties and responsibilities as the world’s nuclear inspectorate, supporting global efforts to stop the spread of nuclear weapons. The primary role of the Department is to develop and implement IAEA safeguards to ensure that there is no diversion of declared nuclear material from peaceful activities and no indications of undeclared nuclear material or activities in a State as a whole.

The Department comprises nuclear safeguards inspectors, responsible for carrying out inspections and verifications of all-safeguards relevant information for nuclear facilities in over 180 States; and technical staff responsible for a wide range of activities including: developing concepts and approaches for implementing safeguards; developing and maintaining safeguards equipment; providing analytical and laboratory services for sample analysis; collecting, evaluating and analysing safeguards-relevant information; providing information and communication technology infrastructure and services; and providing programme coordination support.

The Office of Information and Communication Systems (SGIS) is responsible for the provision of secure Information and Communication Technology (ICT) services that enable the Department of Safeguards to deliver on its mandate. Major services provided by SGIS include provision of information technology project management services; development and maintenance of specialized ICT solutions; operation of resilient ICT infrastructure; provision of customer support services; and protection of safeguards information. In partnership with other organizational entities, SGIS is responsible for planning and implementing ICT strategies as well as promoting ICT standards.

Main Purpose

The Cyber Security Engineer is part of the Safeguards Security Group and a key contributor to the cyber security operations and defence activities for the Department of Safeguards and the Division of Nuclear Security. The purpose for this role is to deploy, configure, and evolve cyber threats prevention, detection, and monitoring capabilities. He/she will manage, improve, and scale up detection/response program engaging in innovative work related to identification and hunting for novel threats; administration of security information and events management and security orchestration tools; as well as provide subject matter support for cyber security operations to assure best-in-class protection and incident response.

Role

The Cyber Security Engineer is (a) a technical specialist that solves challenging security problems, usually at the intersection of detection, response, and security automation; (b) a technical expert who can understand and evaluate cyber threat landscape, with the ability to present risks and multiple possible solutions in a logical and constructive manner; (c) a practical problem solver with a can-do attitude and sense of ownership and accountability.

Functions / Key Results Expected

• Manage and evolve the content development within the Security Information and Event Management SIEM platform which includes use case creation, dashboard design, tuning of use cases and development of playbooks to minimize false positives.
• Configure event collections/ logging of events relevant to cybersecurity to integrate with the SIEM tool to enable near real-time alerting.
• Conduct regular threat hunting and independent threat research to augment and feed custom use case creation.
• Leverage advanced knowledge of security operations, cyber security tools, intrusion detection, and network security to detect, investigate, or prevent cyber intrusions.
• Perform in-depth analysis of security events, including malware analysis, network forensics detection, as well as share practices with junior incidents handlers.
• Collaborate with peers and lead development of dashboards, reports, and alerts to meet tactical cybersecurity requirements and monitor for indications of compromise.
• Act as an escalation point and take the role of technical subject matter expert and occasionally serve as incident manager in order to handle cyber intrusions and incidents.
• Contribute to the development of operational reporting and metrics such as KPIs, KRIs; produce regular and ad-hoc threat and event reports for the direct supervisor and the management team.
• Collaborate with the enterprise IT peers to appropriately configure cybersecurity systems and services that affect the overall security posture for the organization.

Competencies and Expertise

Core Competencies(Competency Framework)

Functional Competencies

Required Expertise

Asset Expertise

Qualifications, Experience and Language skills

• University Degree in computer Science, Information Management, IT Security or equivalent relevant experience. Four (4) additional years of experience may be considered in lieu of University Degree.

• Internationally recognised security relevant certification, such as CISSP, OSCP, GCIA, CYSA, or related certifications, is an asset.

• At least 5 years of relevant experience in information security, out of which at least 2 years performing digital forensics and incident handling tasks or management of threat detection and response automation tools.
• Proven experience in creating custom rules, dashboards, and reports using Endpoint Detection and Response (EDR) or Nextgen Antivirus (NGAV) tools is an asset.
• Ability to develop use cases for one of the following platforms: Splunk ES, QRadar, Sentinel, Sumo Logic, Exabeam, Chronicle, Sentinel, Log Rhythm and ELK (Elastic, Logstash, Beats, Kibana) stack
• Proven ability to use scripting skills for automation of cyber security response or technical threat intelligence processing.
• Knowledge of the Cyber Kill Chain methodology, Mitre Attack Framework, and Malware analysis methods is an asset.
• Experience in Linux system engineering and administration is an asset.

• Excellent oral and written command of English. Knowledge of other official IAEA languages (Arabic, Chinese, French, Russian and Spanish) is an asset.

Remuneration

The IAEA offers an attractive remuneration package including a tax-free annual net base salary starting at US $64121 (subject to mandatory deductions for pension contributions and health insurance), a variable post adjustment which currently amounts to US $ 32061*, dependency benefits, rental subsidy, education grant, relocation and repatriation expenses; Other benefits include 6 weeks’ annual leave, home leave travel, pension plan and health insurance. More information on the conditions of employment can be found at: https://www.iaea.org/about/employment/professional-staff/conditions

General Information

• The IAEA’s paramount consideration in the recruitment of staff member is to secure employees of the highest standards of efficiency, technical competence and integrity.
• Staff Members shall be selected without any unfair treatment or arbitrary distinction based on a person’s race, sex, gender, sexual orientation, gender identity, gender expression, religion, nationality, ethnic origin, disability, age, language, social origin or other similar shared characteristic or trait.
• The IAEA is committed to gender equality and to promoting a diverse workforce. Applications from qualified women and candidates from developing countries are strongly encouraged.
• Applicants should be aware that IAEA staff members are international civil servants and may not accept instructions from any other authority. The IAEA is committed to applying the highest ethical standards in carrying out its mandate. As part of the United Nations common system, the IAEA subscribes to the following core ethical standards (or values): Integrity, Professionalism and Respect for diversity.
• The IAEA has a zero-tolerance policy on conduct that is incompatible with the aims and objectives of the United Nations and the IAEA, including sexual harassment, abuse of authority and discrimination.

Evaluation process

• The evaluation of applicants will be conducted on the basis of the information submitted in the application according to the selection criteria stated in the vacancy announcement. Applicants must provide complete and accurate information. Evaluation of qualified candidates may include an assessment exercise, which may be followed by a competency-based interview.
• Candidates under serious consideration for selection may be subject to reference and background checks as part of the recruitment process.

Appointment information

• Appointment is subject to a satisfactory medical report.
• Staff members may be assigned to any location.
• Candidates appointed to posts in the Professional and higher categories are subject to IAEA rotation policy and their maximum tour of service shall normally be seven years.
• The IAEA retains the discretion not to make any appointment to this vacancy, to make an appointment at a lower grade or with a different contract type, or to make an appointment with a modified job description or for shorter duration than indicated above.