SOC Coordinator

9 hours ago

Geneva, Switzerland ICRC Full-time

**Requisition ID**: 21107

**Region**: Europe (HQ)

**Contract type**: Open-ended contract

Reports to (role)

Chief Information Security Officer

What we do

The International Committee of the Red Cross (ICRC) works worldwide to provide protection and humanitarian assistance to people affected by conflict and armed violence. We take action in response to emergencies and, at the same time, promote respect for international humanitarian law. We are an independent and neutral organization, and our mandate stems essentially from the Geneva Conventions of 1949. We work closely with National Red Cross and Red Crescent Societies and with their International Federation in order to ensure a concerted, rational and rapid humanitarian response to the needs of the victims of armed conflict or any other situation of internal violence. We direct and coordinate the international activities conducted in these situations.

Purpose of the position

The ICRC provides technology services to more than 20,000 employees globally, external partners and our beneficiaries. Protecting our digital operations from cyber-attacks is a core element of the institutional cyber security strategy.

Based at HQ in Geneva and reporting directly to the Chief Information Security Officer (CISO), the Security Operations Center (SOC) coordinator is responsible for ensuring the ICRC is prepared to detect, respond to and recover from cyber-attacks.

By coordinating the hybrid SOC, the SOC coordinator manages cyber operations in the following domains:
Vulnerability Management
Threat Intelligence
Security Monitoring
Incident Response

The SOC coordinator participates in and oversees the day-to-day operation of the ICRC's hybrid SOC whilst ensuring agreed SOC service levels are maintained.

The SOC coordinator brings knowledge, experience, technical expertise, and situational awareness to new and evolving cyber threats and cyber incidents. In close collaboration with technical and non-technical stakeholders, they coordinate, execute, and continuously enhance the SOC processes and services.

Main duties and responsibilities (1/2)

Support the CISO function in the delivery of the overall ICRC cyber security strategy

Contribute to the continuous improvement and evolution of the overall SOC mission

SOC coordination and reporting
Coordinate the overall operations of SOC functions (cyber security monitoring, cyber security incident response, vulnerability management, cyber threat intelligence)
Coordinate daily interaction with MSSP
Coordinate a team of Cyber Security Engineers
Ensure SOC adherence to security policies and procedures
Revise and develop SOC related security policies, standards, and procedures to support the current Security Operations within the Information Security Framework
Deliver agreed SOC measurables and metrics to the CISO

Cyber security monitoring
Ensure efficient cyber security incident identification, triage, reporting, communication and monitoring via MSSP
Ensure efficient operation of standard reporting channels for suspected cyber security incidents

Main duties and responsibilities (2/2)

Cyber security incident response
Responsible for overall coordination and execution of the response to Tier 1, 2 & 3 cases
Assign tasks to Cyber Security Engineers
Manage escalated unresolved, persistent, or repetitive cases
Support Cyber Security Engineers to disseminate incident-related information to constituents and concerned parties via the given process, tooling and communication channels

Vulnerability management
Work closely with the Vulnerability Coordinator to ensure required corrective actions are applied appropriately and in a timely manner, notably those related to security patches
Contribute to the continuous improvement, evolution and extended scope of the vulnerability management process
Manage escalated unresolved, persistent, or repetitive cases

Cyber threat intelligence (TI)
Enrich the SOC detection capabilities through complementary TI feeds
Based on TI feeds, plan and coordinate automated responses with the Cyber Security Engineers

People management responsibilities

No

Relationships

Report directly to the Chief Information Security Officer
Maintain relationship with Managed Security Service Provider (MSSP) involved in SOC activities
Lead ICRC cyber security engineers within the hybrid SOC
Interact transversally with ICRC colleagues worldwide
Engage with the CISO function for analysis & improvements

Education and experience required

A university degree in Computer Science, Engineering, or related field (a major in security is an asset)
At least 3 years of cyber security related professional experience are required
Security certifications such as CISSP, CCSP, SANS GIAC, CEH, Security+ and/or Offensive Security are a strong asset
Relevant experience in an international and multicultural environment
Fluency in English is mandatory, French is an asset

Desired profile and skills

Excellent knowledge of information security standards, frame