Information and Communications Technology (ICT) Officer (Cloud SecOps Engineer)

Job Posting Organization:
The International Organization for Migration (IOM) was established in 1951 and is a Related Organization of the United Nations. It is the leading UN agency in the field of migration, working closely with governmental, intergovernmental, and non-governmental partners. IOM is dedicated to promoting humane and orderly migration for the benefit of all, providing services and advice to governments and migrants. The organization is committed to ensuring a workplace where all employees can thrive professionally, while harnessing the full potential of migration. IOM operates in numerous countries around the world, with a diverse workforce dedicated to addressing the challenges and opportunities of migration.

Job Overview:
The ICT Officer (Cloud SecOps Engineer) is tasked with leading and evolving the cloud security" style="border-bottom: 1px dotted #007bff !important;">security architecture and operations for IOM. This role is crucial for ensuring the security, integrity, and compliance of IOM’s cloud infrastructure, primarily focusing on Azure while maintaining awareness of multi-cloud environments. The officer will be responsible for threat detection, incident response, security automation, and hardening of cloud environments that support IOM's global offices. The position requires close collaboration with development, operations, and information security teams to identify and analyze vulnerabilities, support DevOps colleagues in resolving or mitigating these vulnerabilities, enforce compliance, and foster a culture of security awareness within the organization. The officer will report to the Chief Technology Officer and the Senior ICT Officer (Cloud Services).

Duties and Responsibilities:
The duties and responsibilities of the ICT Officer (Cloud SecOps Engineer) include implementing 24/7 monitoring using Microsoft Sentinel, Defender for Cloud, and Azure Monitor. The officer will also implement, monitor, and maintain data loss prevention strategies and controls across cloud environments to safeguard sensitive data against unauthorized access, leakage, and exfiltration. Investigating and remediating security incidents such as breaches, malware, and DDoS attacks with root-cause analysis is essential. The officer will define incident detection and management workflows and playbooks for cloud environments and collaborate with CSIRT teams. In terms of identity and access management, the officer will enforce Zero Trust principles via Azure AD Conditional Access, PIM, and RBAC, and audit service principals, role assignments, and privileged access. Ensuring compliance with relevant security regulations and standards such as GDPR, ISO 27001, NIST, and CIS Benchmarks in cloud environments is also a key responsibility. The officer will conduct vulnerability scans and patch management, automate compliance checks, and implement security checks into CI/CD pipelines. Additionally, the officer will embed security into CI/CD pipelines, proactively identify and investigate potential threats, develop KQL queries for threat detection, and automate responses using Azure Logic Apps and Functions. Collaboration with other teams to implement and maintain cloud security, training teams on best practices, and providing technical expertise and guidance are also part of the role. The officer may perform additional duties as assigned.

Required Qualifications:
Candidates must possess a Master’s degree in Cybersecurity, Computer Engineering, Computer Science, or a related field from an accredited academic institution with five years of relevant professional experience, or a University degree in the same fields with seven years of relevant professional experience. Required certifications include Microsoft Certified: Azure Security Engineer Associate, Microsoft Certified: Azure Fundamentals, and ITIL version 4 Foundation certification (must be attained within 6 months). Additionally, a Certified Cloud Security Professional (CCSP) certification is advantageous, as well as a Certified Information Systems Security Professional (CISSP) certification and AWS Certified Security Specialist certification.

Educational Background:
The educational background required for this position includes a Master’s degree in Cybersecurity, Computer Engineering, Computer Science, or a related field from an accredited institution. Alternatively, a University degree in the same fields is acceptable, provided the candidate has seven years of relevant professional experience. Accredited institutions are those listed in the UNESCO World Higher Education Database.

Experience:
A minimum of five years of experience in Cloud SecOps engineering is required. Candidates should have strong hands-on experience with Azure services, particularly Microsoft Sentinel, Defender for Cloud, Key Vault, and Azure Firewall. Proven experience managing cloud infrastructure in both AWS and Azure environments through automation is essential, and experience with GCP is a plus. Expertise in Infrastructure-as-Code tools such as Terraform, CloudFormation, or Ansible, as well as hands-on experience with CI/CD tools like Jenkins, GitHub Actions, and Azure DevOps, is necessary. Proficiency in scripting and programming languages such as Python, Bash, or PowerShell is also required, along with a solid understanding of containerization technologies like Docker and orchestration platforms such as Kubernetes.

Languages:
IOM’s official languages are English, French, and Spanish. All staff members are required to be fluent in one of these three languages. For this position, fluency in English is mandatory, both oral and written. A working knowledge of another official UN language (Arabic, Chinese, French, Russian, or Spanish) is considered an advantage. The proficiency of required languages will be specifically evaluated during the selection process, which may include written and/or oral assessments.

Additional Notes:
The contract type for this position is a Special Short term ungraded contract, lasting up to 9 months. The recruitment is for a professional level position, and the closing date for applications is set for 09 February 202

• Internationally recruited professional staff are required to be mobile, and candidates who are nationals of the duty station's country cannot be considered eligible. The appointment will be subject to certification of medical fitness, accreditation, residency or visa requirements, and security clearances. IOM has a zero-tolerance policy on conduct incompatible with the aims and objectives of the United Nations and IOM, including sexual exploitation and abuse, sexual harassment, and discrimination. IOM does not charge a fee at any stage of the recruitment process and only accepts applications submitted through the IOM e-Recruitment system.