IT Security Operations Associate (SGIS)(G6)

Wien, WUnder the supervision of the Systems and Engineering Team Leader, the IT Security Operations Associate acts as the primary IT security event handler and reporter of vulnerabilities in the Department of Safeguards. He/she operates processes related to security operations, such as vulnerability management; incident response; business continuity; and/or event management. He/she actively operates IT security incident and event management processes and proposes and implements changes, and contributes to the necessary technical improvements to ensure high quality alerts and reporting for security operations.
Functions / Key Results Expected

• Responsible for operating several security operations processes and activities related to IT security events; IT security vulnerabilities; threat intelligence; risk assessment; incident management; and the configuration and management of security controls and countermeasures.
• Oversees and monitors, recommends and, in consultation with management, implements process improvements for security operations. Provides reports regarding related aspects of IT security operations. Assists in refining alerting and improving threat information escalates the most critical events and impactful anomalies Operates and improves all aspects of security event management, threat management, including automation.
• Operates Installation, configuration, and management of security operations tools and systems; the expansion and refinement of collection sources and by creating security operations reports automatically and distributing them to the appropriate audience.
• Performs initial assessment and review of security events and vulnerabilities and generates detailed reports; escalates issues as appropriate.
• Interfaces with security and IT professionals throughout the Department and the Agency to assist on the resolution of complex security issues and incidents and collaborates on the documentation results and lessons learned.
• Coordinate and deliver training and instruction to junior level IT and IT security staff regarding security operations processes and participates in security awareness programs, testing, and training.
• Operate security assessment procedures for systems, system configurations, information assets, and changes related to authentication, authorization, security baselines, confidentiality, and auditing, analyze the results, and provide reports and guidance to the relevant stakeholders and system owners. Communicate vulnerability and security relevant information to stakeholders and assist with remediation planning.
• Performs various security operations tasks as assigned.

Qualifications, Experience and Language skills

• Completed secondary education.
• Minimum of six years of working experience, including experience in implementing and documenting security operations procedures and experience with security operations, automation of common activities implementation of various security tools.
• IT security specialist training and certifications an asset.
• Experience with security incident and event management systems such as the ELK stack, Arcsight, QRadar, Alienware, and Splunk.
• Experience with security installations for the physical protection of information assets would be a benefit.
• Excellent oral and written command of English. Knowledge of other official IAEA languages (Arabic, Chinese, French, Russian and Spanish) is an asset.
• English language test (Level 1) to IAEA standard.

Remuneration
The IAEA offers an attractive remuneration package including a tax-free annual net base salary starting at EUR 53849 (subject to mandatory deductions for pension contributions and health insurance), 6 weeks' annual vacation, pension plan and health insurance

Appointment is subject to a satisfactory medical report. Recruitment will be on a LOCAL BASIS only. Outside applicants are required to supply to the IAEA or to authorize it to seek all information relevant to their suitability for employment by the IAEA. Testing may be part of the recruitment process.