Information Security Operations Officer

Information Security Operations Officer

International Labour Organization (ILO)

July 3, 2026August 17, 2026GenevaSwitzerland
Job Description
Job Posting Organization:
The International Labour Organization (ILO) is a specialized agency of the United Nations that aims to promote social justice and fair labor practices worldwide. Established in 1919, the ILO has a mission to ensure that labor standards are upheld and that workers' rights are protected. The organization operates in over 180 countries and has a diverse workforce of approximately 3,000 employees. The ILO is committed to promoting gender equality and diversity within its staff and encourages applications from under-represented groups.

Job Overview:
The security" style="border-bottom: 1px dotted #007bff !important;">security" style="border-bottom: 1px dotted #007bff !important;">Information Security Operations Officer position is situated within the Technology Management Services (TMS) Branch of the Information and Technology Management Department (INFOTEC) at the ILO. This role is crucial for maintaining the security of the organization's information systems and data. The officer will be responsible for monitoring information security events, managing incidents, conducting threat hunting, and performing vulnerability management. The position requires a proactive approach to identifying and mitigating risks, as well as contributing to the design and implementation of security measures. The officer will work closely with the Information Security Operations Lead and collaborate with various teams to enhance the organization's security posture. This role is vital for ensuring that the ILO can effectively utilize technology to fulfill its mission while safeguarding sensitive information.

Duties and Responsibilities:
  • Champion information security operations, including incident assessment, categorization, triage, and escalation, in accordance with established Incident Response playbooks and procedures, collaborating with the Security Operations Center (SOC).
  • Provide expertise in Information Security Incident Response, driving detection, threat hunting, and incident analysis; identify and track escalations and lateral movements; support containment, eradication, and recovery stages; and write post-mortem documentation and lessons learned.
  • Monitor and assess the ILO threat landscape routinely; identify and assess emerging risks, participate in mitigation activities, and design and implement appropriate mitigating controls, detection analytics, and alerting capabilities.
  • Drive the hardening and baselining of assets; monitor and investigate deviations from recognized security baselines, including Centre for Internet Security (CIS) benchmarks and Security Technical Implementation Guidelines (STIG); define and implement technical measures through Group Policy, Intune, Azure, or Configuration Manager; and perform post-implementation reviews and audits to identify and implement improvements to operational systems.
  • Participate in planning and deliver simulation exercises, including tabletop and purple-team exercises, to test preparedness, validate response capabilities, and strengthen organizational resilience against cyber-attacks.
  • Contribute to data analysis and reporting capabilities to collect and analyze logs, metrics, and events from multiple sources; proactively suggest and create alerts and reports on potential risks and compliance deviations.
  • Conduct targeted digital forensics services to acquire images and reconstruct intrusion timelines, events, vectors, tools, and techniques from compromised assets; extract artifacts and indicators of compromise.
  • Support Threat and Vulnerability management by ensuring IT systems, platforms, and web applications are discovered and regularly scanned; analyze and triage scan results based on likelihood and impact; discuss findings and solutions with the team and provide support to system owners in the remediation process.
  • Closely monitor technology developments within the domain to anticipate shifts, identify opportunities, and propose tools or process evolutions. 1
  • Advocate for information security standards and best practices across the organization; contribute to the development and continuous improvement of internal guidelines, procedures, and standards in collaboration with other INFOTEC units. 1
  • Perform any other relevant duties as assigned.

Required Qualifications:
The position requires an advanced level university degree in computer science or a closely related field. Alternatively, a first-level university degree (Bachelor’s or equivalent) in computer science or a relevant field, combined with an additional two years of relevant experience, will be accepted in lieu of an advanced degree. Candidates must also possess one or more industry-recognized certifications in IT security, such as CISSP, BTL1/2, GCIH, TryHackMe SOC, Microsoft Certified Security Operations Analyst Associate, or equivalent SANS certifications.

Educational Background:
Candidates must have an advanced level university degree in computer science or a closely related field. A first-level university degree (Bachelor’s or equivalent) in computer science or a relevant field, along with two additional years of relevant experience, will be accepted in lieu of an advanced degree. Industry-recognized certifications in IT security are also required.

Experience:
At least five years of professional experience in the cybersecurity field is required for this position. This experience should encompass a range of responsibilities related to information security operations, incident response, and threat management.

Languages:
Candidates must have an excellent command of one of the ILO's working languages (English, French, Spanish) and a working knowledge of a second working language. One of these languages must be English. External candidates whose mother tongue is not one of the working languages must possess a fully satisfactory working knowledge of at least one of the ILO working languages and will be expected to acquire knowledge of a second working language during their initial years of service.

Additional Notes:
The position is a fixed-term contract for a duration of twenty-four months, with the possibility of extension based on satisfactory conduct and performance. The successful external candidate will be on probation for the first two years of assignment. Recruitment for this vacancy is subject to the availability of funding. The ILO has a zero-tolerance policy for acts of sexual exploitation and abuse and conducts background verification of candidates under consideration. The ILO does not charge any fees at any stage of the recruitment process.
Apply now
Similar Jobs