Established in 1951, IOM is a Related Organization of the United Nations, and as the leading UN agency in the field of migration, works closely with governmental, intergovernmental and non-governmental partners. IOM is dedicated to promoting humane and orderly migration for the benefit of all. It does so by providing services and advice to governments and migrants.
IOM is committed to a diverse and inclusive work environment. Internal and external candidates are eligible to apply to this vacancy. For the purpose of the vacancy, internal candidates are considered as first-tier candidates.
Context
Under the overall supervision of the Head of Global User Support, and the direct supervision of the Shift Supervisor (Tier 2), the successful candidate will provide second-level (Tier 2) user and technical support and services to users of IOM’s corporate applications and infrastructure worldwide, promoting a client and service-oriented approach.
Core Functions / Responsibilities
- Provide second-level support to incidents and requests related to IOM’s Identity and Access Management (IAM) services that includes Employees Accounts, ROLES, Authorization and Access management.
- Perform daily system monitoring, verifying the integrity and availability of all IAM services, systems, and key processes, reviewing system and application logs.
- Perform daily troubleshooting of issues by using IAM tools and SQL database query tools.
- Perform basic validation of Employees data in each target systems integrated with IAM which includes SAP, AD On-Prem, AAD, and XO.
- Deploy system patches as released by OI, Microsoft, and other vendors related to IAM solution, and upgrade administrative tools and utilities.
- In close collaboration with other ICT teams, deploy, test, and troubleshoot new IAM developments in DEV, UAT in PROD environments.
- Support the ICT Security team in testing and deploying new solutions, provide second-level support to support implemented advanced security features, and follow the escalation process whenever necessary when a security service or feature negatively impacts users’ official applications.
- Support GUS Tier 1 verifying and analyzing the security risk status of users, domains, URLs, IP addresses, and /or emails, and performing basic security actions/tasks as dismiss user’s risk, release from the restricted list to send emails, add/remove domains/URLs/IPs/emails from blacklists.
- Provide second-level support to network security incidents and apply security configuration requests including but not limited to Cisco routers, Cisco ASA, Cisco FTD, Cisco Meraki, Palo Alto, FortiGate, Zscaler.
- Perform daily security threat monitoring and incident response by utilizing Microsoft 365 Defender, minimize alerts in Threat Analytics, and remediate machines contributing to the Zscaler Risk Score.
- Assist the ICT Security Team by creating tickets when a security advisory is received from US-CERT, Common-Secure, and other 3rd party reputable security advisories and support the follow-up remediation actions taken in the affected IOM asset. Support security-related ticket handling (e.g., re-assign tickets, fill up necessary fields for metrics, redirect to the correct queue/unit), contacting end-users to support third-party security services providers to investigate and follow-up security incidents and/or vulnerabilities pending to be remediated.
- Maintain and produce support-related artifacts and documentation, including operations manual, process documents, configuration documents, etc. while making them available to the whole GUS team
- Provide after-hours support when necessary and respond to emergencies.
- Work with Business and vendors and GUS client support teams to resolve issues.
Education
- University degree Computer Science or Information Technology or a related field from an accredited academic institution with 3 years of relevant experience; or
- Completed High school / Secondary school education with 5 years of relevant experience.
- Valid and relevant Microsoft, Cisco, and/or ITIL Certifications an advantage.
Experience
- Has a minimum of three years of experience of working experience in administration and support of Azure Active Directory, Share Point, Office 365, Microsoft Exchange, and SAP.
- Has a minimum of two years of information security experience, working with on-prem and cloud-based security solutions.
- Experience in developing, implementing, and optimizing SQL queries.
- Experience with User Authentications and Identity Synchronization Technologies such as OAuth 2.0, SAML, and OpenID Connect.
- Experience with Cloud User Management and configuration
- Understanding of Virtualization concepts and virtual system administration
- Familiarity with core OS services such as SSH, Telnet, FTP, NFS, DNS, DHCP, LDAP
- Excellent hands-on experience with administration and troubleshooting of Azure AD, MS Exchange, Office 365. And Share Point.
- Good Familiarity with Security and infrastructure administration.
- Knowledge of OI PowerShell scripting
- External identity providers configuration for Web Application
- Familiarity with Security and infrastructure administration
- Knowledge of Office 365 Identity Management
- Able to articulate complex, technical concepts to non-technical audiences
- Knowledge of secure web gateway solutions, preferably Zscaler.
- Knowledge of Microsoft Threat Protection suite, as Azure AD Identity Protection, Microsoft Defender for Endpoint, Exchange Online Protection.
- Knowledge in network/firewalls devices (e.g., Cisco ASA, Cisco FTD, Cisco Meraki, Palo Alto, FortiGate)
- IT security specialist training and certifications are an asset, and especially related to Microsoft (Azure / M365) security solutions
- ITIL V3/4 foundation level certification is desirable.AZ-500 Microsoft Azure Security Technologies and/or MS-500 Microsoft 365 Security Administration certificate will be an advantage.
- Excellent oral and written command of English.
- SC-300 Microsoft Identity and Access Administrator and/or SC-200 Security Operations Analyst Associate certificates will be an advantage.
- Ability to respond against information security alerts
- Valid proficiency in Vulnerability Management concepts
Languages
For this position, fluency in English is required. Knowledge of a second official UN language is desirable.
Values
Inclusion and respect for diversity
Respects and promotes individual and cultural differences. Encourages diversity and inclusion.
Integrity and transparency
Maintains high ethical standards and acts in a manner consistent with organizational principles/rules and standards of conduct.
Professionalism
Demonstrates ability to work in a composed, competent and committed manner and exercises careful judgment in meeting day-to-day challenges.
Core Competencies
Accountability
Takes ownership for achieving the Organization’s priorities and assumes responsibility for own actions and delegated work.
Communication
Encourages and contributes to clear and open communication. Explains complex matters in an informative, inspiring and motivational way.
Delivering results
Produces and delivers quality results in a service-oriented and timely manner. Is action oriented and committed to achieving agreed outcomes.
Managing and sharing knowledge
Continuously seeks to learn, share knowledge and innovate.
Teamwork
Develops and promotes effective collaboration within and across units to achieve shared goals and optimize results.
How to apply
Interested applicants may send their applications to hrmanila@iom.int no later than 12 January 2023. VN Number and Position Title (SVN 007/2022 – ICT Assistant (Client Support) Security Services) should be specified in the SUBJECT field.
IOM welcomes applicants from qualified individuals, irrespective of their race, religion, skin, color, nationality, age, disability status, ancestry, sex, sexual orientation, gender identity or expression, marital status, family structure, mental health status, or any other characteristic.
Only shortlisted candidates will be contacted and an offer will be made following the confirmation of funding.