Senior Cybersecurity Specialist - Network Security
BACKGROUND AND PURPOSE OF THE ASSIGNMENT:
Under the general supervision of the Head of Cybersecurity Operations and the direct supervision of the Threat Detection & Response Lead, the incumbent will play a hands-on role in monitoring, investigating, and responding to cyber threats across WFP’s global environment. The role focuses on driving effective day-to-day security operations, with strong ownership of incident investigation, threat detection, and response activities across WFP’s infrastructure and network.
Working closely with other cybersecurity teams, the incumbent will contribute to continuous improvements in detection capabilities, security telemetry quality, and monitoring coverage, ensuring stronger visibility, faster triage, and more reliable response outcomes. The role also includes operational ownership of network security remediation activities, translating findings into concrete actions that reduce enterprise risk.
A key objective of the assignment is to strengthen the consistency and reliability of security monitoring data and detection signals, enhancing the organization’s ability to detect, investigate, and respond to threats in a timely and auditable manner.
ACCOUNTABILITIES/RESPONSIBILITIES:
Main responsibilities include, but are not limited to:
- Monitor the WFP environment for potential cyber incidents using available tools and telemetry, including Microsoft security consoles, the IR platform, and Threat Intel sources, while improving monitoring coverage and signal quality, reducing blind spots, ensuring corporate assets comply with organizational logging requirements, and maintaining visibility over DLP-related events.
- Provide Tier 2/3 investigation and analysis for potential cyber incidents, including DLP incidents, using available telemetry and tools, and produce clear incident narratives, technical findings, and recommended containment and remediation actions with traceability to evidence.
- Provide assistance to vulnerability management/network security activities and the TECI consulting practice to the business, acting as a senior technical focal point for network security remediation initiatives, control improvements, and risk-driven prioritization across stakeholders.
- Identify and evaluate tools and/or services needed to establish regular incident detection and response across WFP infrastructure, produce proposals with options, cost and operational impact, and lead implementation of selected improvements with minimal supervision.
- Contribute to SOAR and playbook development and guarded automation for enrichment, scoping, triage, and routine containment, ensuring that sensitive steps include appropriate approvals and that actions remain auditable.
- Coordinate remediation actions for network security exposures and incidents, translating findings into implementable change requests, tracking closure, escalating as needed, and supporting the implementation of security controls aligned with cybersecurity strategy and prioritized risk activities.
- Support tickets routed to TECI, including taking ownership of complex cases, driving them to closure, and improving runbooks and documentation to reduce repeat issues and analyst toil.
- Perform other cybersecurity related duties, as assigned.
Education:
University degree in computer science/engineering or an equivalent discipline
Experience:
6-8 years’ relevant experience in the areas of SIEM, Incident Management, Network Security and/or Security Platforms/Tools administration
Knowledge & Skills:
- Strong practical experience in cybersecurity operations, including incident response, investigation, and threat analysis.
- Hands-on expertise with modern security platforms and telemetry, including SIEM, endpoint, identity, and cloud signals.
- Solid understanding of detection engineering concepts and query-based analytics such as KQL or equivalent.
- Experience translating security findings into actionable remediation and operational improvements across technical teams.
- Comfortable working with automation, enrichment, and scripting (e.g. PowerShell or Python) to improve efficiency and reduce noise.
Languages:
Fluency in oral and written English is mandatory. An intermediate knowledge of another official UN language (Arabic, Chinese, French, Russian and Spanish) or Portuguese (one of WFP’s working languages) is desirable.