JOB DESCRIPTION

BACKGROUND AND PURPOSE OF THE ASSIGNMENT:

Under the general supervision of the Chief TECI and the direct supervision of the Head of Cybersecurity Operations, the incumbent will contribute to the design, implementation, and continuous improvement of secure cloud and hybrid environments. The role focuses on engineering and operationalizing cloud-native security controls, integrating cybersecurity into cloud infrastructure, and monitoring for threats and misconfigurations, and responding to cloud-based incidents. The incumbent will collaborate with cloud architects, operations teams, and other cybersecurity teams to ensure visibility, protection, and resilience across multi-cloud environments that are aligned with organizational risk tolerance. The role emphasizes operational excellence in cloud security, including configuration hardening, runtime protection, and continuous monitoring. The consultant will also contribute to the development of security standards and incident response capabilities, while collaborating with a small team to enhance WFP’s cloud security posture.

ACCOUNTABILITIES/RESPONSIBILITIES:

Main responsibilities include, but not limited to:

Continuously monitor cloud environments for misconfigurations, threats, and anomalies using CSPM, SIEM, SOAR, and XDR tools.
Engineer and operationalize cloud-native security controls, supporting secure integration with other cybersecurity tools and workflows.
Collaborate with architects, cloud experts and other cybersecurity areas to design and implement secure cloud and hybrid environments, contributing to the development of modern security architectures.
Oversee detection efforts for cloud services, containerized/serverless/virtualized workloads, and storage across multi-cloud settings.
Acting as cloud security SME, support incident detection, triage, and response in cloud environments, contributing to containment and recovery efforts.
Maintain and update documentation for cloud security operational procedures, processes, and playbooks.
Integrate cloud-specific cybersecurity controls into threat detection, incident response and threat intelligence & hunting processes, supporting business continuity and resilience.
Contribute to the continuous improvement of cloud security operations by evaluating emerging technologies, threats, and best practices.
Support knowledge sharing and mentoring within the team, contributing to a collaborative and high-performing engineering environment.

DELIVERABLES AT THE END OF THE CONTRACT:

Operational Cloud Security Monitoring Framework: Implemented and documented monitoring and detection use cases across CSPM, SIEM, SOAR, and XDR platforms for multi-cloud environments.
Hardened Cloud Configuration Baselines: Enforced and monitored secure configuration standards for cloud services, workloads, and storage, with validation and compliance tracking.
Runtime Protection and Access Control Implementation: Deployed and operationalized runtime security controls, least-privilege policies, and segmentation for containerized, serverless, and virtualized workloads.
Cloud Incident Detection & Response Contributions: Supported detection, triage, and recovery of cloud-related incidents, with updated playbooks and documented lessons learned.
Security Documentation and Continuous Improvement: Maintained comprehensive documentation of cloud security operations and contributed to knowledge sharing, team mentoring, and recommendations for future enhancements.

QUALIFICATIONS & EXPERIENCE REQUIRED:

Education:

University Degree in Information Technology, Information Systems, Cybersecurity, or related fields or a combination of relevant education and experience.

Experience:

At least 5 years of experience in cybersecurity or cloud operations, ideally with exposure to public cloud platforms (i.e., AWS, Azure, GCP).

Knowledge & Skills:

Solid understanding of IT security principles, with a mix of academic knowledge and practical experience.
Familiarity with deploying, monitoring, and operating cloud-native security tools, and applying secure configurations in cloud environments.
Understanding of cloud security operations, including monitoring, threat detection and response.
Exposure to containerized, serverless, or virtualized workloads, including runtime protection and access controls.
Proficiency in scripting or automation (e.g., Python, PowerShell, Terraform) is an asset.
Previous experience in international or UN environments is valued, but not essential.
Cloud-related certifications are desirable, though equivalent hands-on experience is equally appreciated
Strong organizational, analytical, and problem-solving skills.

Languages:

Fluency (level C) in English language. Intermediate knowledge (level B) of a second official UN language desirable: Arabic, Chinese, French, Russian, Spanish, and/or WFP’s working language, Portuguese.

Level of Education: Bachelor Degree

Work Hours: 8

Experience in Months: No requirements