Information Security Officer

Organization for Security and Co-operation in Europe, Vienna, Austria

Skill Required: IT and ICT
Preferred Experience: 
3 to 10 Years
Apply By: 
8th December, 2017


Job Description

Background

The Department of Management and Finance is responsible for managing the material and financial resources of the Organization. It provides policy guidance on the management of OSCE financial and material resources and develops and maintains OSCE Financial Regulations and Rules and Financial/Administrative Instructions.

Information and Communications Technology Services (ICTS) ensures efficient, available, and cost-effective management, operation and utilization of Information Technology (IT) in support of the core business of the OSCE. This comprises activities associated with co-ordination, operation, management, development and implementation of Information and Communications Technology (ICT) supported projects and infrastructure.

Requirements include, but are not limited to:

  •     First-level university degree in computer science or related field;
  •     Relevant information security certificates such as CISSP, CISA, CISM, etc.;
  •     Minimum of six years of relevant professional experience; Information Security Operations Center (SOC) environment experience, at least three years incident monitoring experience;
  •     Demonstrated experience in key security technologies (SIEM, IDS/IPS, Firewall, Web Application Firewalls, Data Loss Prevention (DLP) and Security Event Correlation);
  •     Strong knowledge of security standards and risk management frameworks (e.g. ISO27001, COBIT, etc.);
  •     Experience with technical writing and management reports;
  •     Expertise with special cyber security threats, incidents or APTs would be an asset;
  •     Professional fluency in the English language, both oral and written; working knowledge of German would be desirable;
  •     Demonstrated ability to work within a team including strong customer focus and good interpersonal skills, as well as the ability to establish and maintain effective partnerships and working relations in a multicultural, multi-ethnic environment with sensitivity and respect for diversity, including gender balance.

Tasks and Responsibilities

The Information Security Officer provides technical expertise and support in network and security operation as well as in various information security improvement initiatives as part of the Information Security Improvement Plan. Specifically, the incumbent will be responsible for:

  •     Assisting in the design and implementation of various information security projects, including: Security Architecture Review; Security Incident and Event Management; Managed Security Services; Vulnerability Assessment and Management; Endpoint Protection; Security Event Correlation and Monitoring; Security Awareness and Technical Trainings; Hardware and Software Inventory and Control;
  •     Supporting the creation and implementation of information security policies, standards, procedures and technical designs, including vulnerability management, risk and vulnerability assessment, business impact analysis;
  •     Assisting in the establishment and operation of the Information Security Operations Center;
  •     Monitoring and analyzing cyber security events (IDS/IPS, firewall, etc.), event correlation and reporting to the OSCE Security Incident Response Team;
  •     Recognizing potential, successful and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information as well as conducting root cause analysis of reported problems, resolving and/or implementing permanent fixes and escalating to Management or dispatching issues to external parties;
  •     Working with the Incident Response team for events escalated to incident levels and participating in security incident response;
  •     Performing periodic reviews with respect to effective, efficient and secure use of WAN and Security Systems, ensuring requirements are met and that replacement and upgrades are in place in support of priorities and deadlines;
  •     Identifying and evaluating new systems or re-engineering of the existing systems with regard to suitability and security and assisting in evaluation, selection and procurement of WAN and Security systems hardware and software;
  •     Supporting and providing network and security administration activities, including: supporting and operating the Secretariat’s Wide Area Network (WAN) and Internet/Intranet Security related services and systems, providing 2nd/3rd level support to the Service Desk and assisting in resolving WAN and Internet/Intranet Security System problems and installing, upgrading, configuring, testing, deploying and carrying out repairs on WAN and Security Systems related hardware, software and systems;
  •     Maintaining contacts with product providers and service companies as needed for product updates or troubleshooting;
  •     Performing other related duties and assignments as required. US

Source:https://jobs.osce.org/vacancies/information-security-officer-vnsecs01285


Recommend your friend