Senior Cyber Threat Analyst (Team Leader)

Luxembourg (LUM), LU, 27275

Full Time Senior-level / Expert EUR 75K - 139K *

International Committee of the Red Cross

View all jobs at International Committee of the Red Cross

Apply now Apply later

Posted 1 day ago

Reports to (role)

Head of Operations – Delegation for Cyberspace and Global Cyber Hub

What we do

The International Committee of the Red Cross (ICRC) works worldwide to provide protection and humanitarian assistance to people affected by conflict and armed violence. We take action in response to emergencies and, at the same time, promote respect for international humanitarian law. We are an independent and neutral organisation, and our mandate stems essentially from the Geneva Conventions of 1949. We work closely with National Red Cross and Red Crescent Societies and with their International Federation in order to ensure a concerted, rational and rapid humanitarian response to the needs of the victims of armed conflict or any other situation of internal violence. We direct and coordinate the international activities conducted in these situations.

The humanitarian sector has been undergoing a significant digital transformation in recent years, creating both opportunities and risks. On the one hand, people affected by humanitarian emergencies are increasingly connected, and humanitarian organisations are developing and offering digital humanitarian services. On the other hand, unauthorized access to or extraction of humanitarian data by malicious actors, to gain operational advantages or for other non-humanitarian purposes, can create significant risks for the dignity and safety of vulnerable people whilst undermining the work of humanitarian actors.

The recent creation of an ICRC Delegation for Cyberspace and its transition into a Global Cyber Hub aims at strengthening the organisation’s capacity to deliver on its mandate in the digital age. The delegation explores new ways to support, enable, and protect the ICRC’s digital footprint, which is made up primarily of the data that affected populations entrust it with and of the digital means – products and services – it deploys in conflict zones. The delegation maintains a safe R&D environment to develop a response to the challenges brought by digitalization, notably in conflict settings, and anticipate those that will continue to emerge. Understanding what adherence to the fundamental principles of neutrality, impartiality, and independence of exclusively humanitarian action means in the digital age, and adapting its operating modalities and technology choices accordingly, is a key component of this. This is essential for the ICRC to gain and preserve the trust of affected people as well as interlocutors, to continue to have access to affected areas, also digitally, to ensure that affected people access essential humanitarian services, and to ensure the acceptance and safety of its own staff.

Purpose

The Cyber Risk (Threat) Analysis Team monitors all contexts where the ICRC operates, and based on collection and experience, developing processes that enable the organisation to identify, analyse, and understand the evolution and motivations of actors and threats (technical and strategic) in cyberspace. This work prepares the ground for and informs humanitarian engagement and operational dialogue and provides support to the HQ units and delegations that need it to ensure access and (cyber) security for the organisation, mitigate risks, prevent harm and respond to the needs of people affected by cyber operations conducted in the context of armed conflict and other situations of violence. It works closely with relevant HQ units and field delegations to ensure complementarity and a strong anchoring in institutional and operational needs.

The Senior Cyber Risk Analyst (Team Leader) leads a small team of cybersecurity professionals, made up of technical and geopolitical analysts. They are the focal point for all matters related to cyber threat analysis and are responsible for setting and implementing cyber threat analysis priorities, objectives, and strategies.

Accountabilities & Functional responsibilities

Defines strategies and priorities for cyber threat analysis, ensuring their applicability and leading their implementation.
Leads on situation monitoring, needs assessments, planning, monitoring and evaluation of the delegation’s cyber threat analysis activities and supervises and provides technical support to all staff involved in them.
Monitors the usage of the threat intelligence platform and reviews the various frameworks and tools.
Ensures close coordination with other ICRC delegations and HQ units.
Designs and delivers workshops and training for staff and/or partners.
Develops guidelines, policies, tools and training modules for cyber threat analysis and other relevant staff.
Coaches and supervises the cyber threat analysis staff and directly contributes to developing their capacities.

People management responsibilities

Yes

Direct report: 1-5

Scope & Impact

Geographical remit: Global

Relationships

Internally: Is a member of the Delegation Operations team. Interacts with all levels of the delegation, as well as with relevant staff at Headquarters and in the field, in coordination with the Head of Operations (HoOps).

Externally: In coordination with HoOps, represents the ICRC to the authorities and organizations whose work relates to the cyber threat analysis file. Also interacts with and develops regular contacts with cyber communities, civil society, academia, and non-governmental organizations.

Certifications / Education required

Advanced university degree in economics, statistics, computer science, social sciences, geographic information systems, political science, international relations, conflict studies, cyber policy, or a related field.
Very good command of English and intermediate knowledge of another ICRC working language (Arabic, French, Russian, Spanish).
High level of technical proficiency.

Professional Experience required

12 - 15 years overall professional experience, including in cyber threat intelligence, security research or related disciplines.
Proven experience with analytical tradecraft, the intelligence cycle, open-source information gathering and analysis techniques, and strong writing skills, techniques, and methodologies.
Knowledge of and strong interest in open source frameworks and tools for cyber threat intelligence.
Knowledge of cyber threat actors, trends and activities, including hacktivist and state-sponsored groups.
Experience in leading and developing a small team a must.
Experience in project management.

Desired profile and skills

Experience in analysing, interpreting, synthesizing and presenting information for decision making.

Our Values

At the ICRC, we value impact, collaboration, respect, and compassion. We seek candidates who demonstrate behaviors based on these shared values. For more information on the ICRC values, please visit this page.