Cyber Threat Technical Analyst
Luxembourg (LUM), LU, 27276
International Committee of the Red Cross
Reports to (role)
Cyber Risk Analysist Team Leader
What we do
The International Committee of the Red Cross (ICRC) works worldwide to provide protection and humanitarian assistance to people affected by conflict and armed violence. We take action in response to emergencies and, at the same time, promote respect for international humanitarian law. We are an independent and neutral organisation, and our mandate stems essentially from the Geneva Conventions of 1949. We work closely with National Red Cross and Red Crescent Societies and with their International Federation in order to ensure a concerted, rational and rapid humanitarian response to the needs of the victims of armed conflict or any other situation of internal violence. We direct and coordinate the international activities conducted in these situations.
The humanitarian sector has been undergoing a significant digital transformation in recent years, creating both opportunities and risks. On the one hand, people affected by humanitarian emergencies are increasingly connected, and humanitarian organisations are developing and offering digital humanitarian services. On the other hand, unauthorized access to or extraction of humanitarian data by malicious actors, to gain operational advantages or for other non-humanitarian purposes, can create significant risks for the dignity and safety of vulnerable people whilst undermining the work of humanitarian actors.
The recent creation of an ICRC Delegation for Cyberspace and its transition into a Global Cyber Hub aims at strengthening the organisation’s capacity to deliver on its mandate in the digital age. The delegation explores new ways to support, enable, and protect the ICRC’s digital footprint, which is made up primarily of the data that affected populations entrust it with and of the digital means – products and services – it deploys in conflict zones. The delegation maintains a safe R&D environment to develop a response to the challenges brought by digitalization, notably in conflict settings, and anticipate those that will continue to emerge. Understanding what adherence to the fundamental principles of neutrality, impartiality, and independence of exclusively humanitarian action means in the digital age, and adapting its operating modalities and technology choices accordingly, is a key component of this. This is essential for the ICRC to gain and preserve the trust of affected people as well as interlocutors, to continue to have access to affected areas, also digitally, to ensure that affected people access essential humanitarian services, and to ensure the acceptance and safety of its own staff.
Purpose
The Cyber Risk (Threat) Analysis team monitors all contexts where the ICRC operates, and based on collection and experience, develops processes that enable the organisation to identify, analyse, and understand the evolution and motivations of actors and threats (technical and strategic) in cyberspace. This work prepares the ground for and informs humanitarian engagement and operational dialogue and provides support to the HQ units and delegations that need it to ensure access and (cyber) security for the organisation, mitigate risks, prevent harm and respond to the needs of people affected by cyber operations conducted in the context of armed conflict and other situations of violence. It works closely with relevant HQ units and field delegations to ensure complementarity and a strong anchoring in institutional and operational needs.
The Cyber Risk Technical Analyst gathers, collects and analyses technical information related to cyber risk. S/he takes care of the technical services required to inform and run the analysis and support cyber risk functions. S/he organises and coordinates the technical activities for the Cyber Risk Analysis team, working collaboratively with other analysts.
Accountabilities & Functional responsibilities
- Gathers, documents, and analyses the threat data through various defined systems to create intelligence, including in the form of detailed reports.
- Develops actionable threat intelligence at both tactical and operational levels. Provide insights that aid in timely detection, mitigation, and prevention strategies.
- Maintains and updates the threat intelligence platform and related tools.
- Supports incident response activities related to cybersecurity incidents, including detection, analysis, and mitigation of breaches or attacks.
- Works collaboratively within the Cyber Risk Analysis team, sharing relevant information as required.
People management responsibilities
No
Scope & Impact
Geographical remit: Global
Relationships
- Internally, is a member of the Delegation Operations team. Interacts with all levels of the delegation, as well as with relevant staff at Headquarters and in the field, in coordination with the Head of Operations (HoOps) and Senior Cyber Risk Analyst.
- Externally, interacts with cyber communities, civil society, academia, and non-governmental organisations.
Certifications / Education required
- Advanced university degree in economics, statistics, computer science, social sciences, geographic information systems, political science, international relations, conflict studies, cyber policy, or a related field.
- Very good command of English, knowledge of another ICRC working language (Arabic, French, Russian, Spanish) a plus.
- High level of technical proficiency.
Professional Experience required
- 10-12 years overall professional experience, including in cyber threat intelligence, security research or related disciplines.
- Proven experience with analytical tradecraft, the intelligence cycle, open-source information gathering and analysis techniques.
- Knowledge of and strong interest in open source frameworks and tools for cyber threat intelligence.
- Knowledge of cyber threat actors, trends, and activities, including hacktivist and state-sponsored groups.
- Experience in analysing, interpreting, and presenting information for decision making.
Desired profile and skills
- Experience in analysing, interpreting, synthesizing and presenting information for decision making.
Our Values
- At the ICRC, we value impact, collaboration, respect, and compassion. We seek candidates who demonstrate behaviors based on these shared values. For more information on the ICRC values, please visit this page.
Additional information
- Location : Luxembourg
- Activity rate : 100%
- Length of assignment : Open ended
- Estimated start date : ASAP
- Application deadline : 14/01/2025
- Resident Position
- No remote working
- Job level: C1 (per ICRC classification)
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Computer Science Incident response Open Source R&D Risk analysis Threat intelligence
Perks/benefits: Startup environment
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.