What We Do

The International Committee of the Red Cross (ICRC) works worldwide to provide protection and humanitarian assistance to people affected by conflict and armed violence. We take action in response to emergencies and, at the same time, promote respect for international humanitarian law. We are an independent and neutral organization, and our mandate stems essentially from the Geneva Conventions of 1949. We work closely with National Red Cross and Red Crescent Societies and with their International Federation in order to ensure a concerted, rational and rapid humanitarian response to the needs of the victims of armed conflict or any other situation of internal violence. We direct and coordinate the international activities conducted in these situations.

Purpose of the Role

The ICT Security Expert is a member of the Cyber Security Risks and Compliance (CSRC) team, supporting Information Security and Governance capabilities and related functions within the Support and Digital Transformation division. 

The expert operates and continuously enhances the ICRC's security automation and continuous monitoring processes and technology. The expert also provides information security advisory services and L3 operational support to the organization, ensuring that the ICRC operates securely across diverse locations and functions delivering services to populations impacted affected by armed conflict.

Accountabilities & Functional Responsibilities

• Ensure execution and continuous improvement of Security Automation and Continuous Monitoring (SACM) processes/technology.
• Lead vulnerability management, including configuration and integration of security tools, ensuring controlled exposure and compliance of ICRC information systems and services.
• Develop and maintain the information security CI/CD and data pipelines needed for effective SACM across a hybrid IT infrastructure with a global deployment footprint.
• Develop and maintain information security technical standards; monitor compliance and alignment ISMS policies and strategy.
• Advice and support secure implementation of systems, applications and processes ensuring compliance with policies, standards and guidelines.
• Participate in architecture reviews and related control activities.
• Support creation and delivery of information security training to specialist roles.
• Support creation and delivery of end-user security awareness activities.
• Identify emerging information security threats, analyze their consequences and impact, inform the parties concerned and ensure controls are adjusted appropriately.
• Assist the SOC coordinator in complex and escalated incidents, and during emergency situations.

Professional & Education Background

• University degree in computer science, engineering or a related field.
• Technical security certifications in domains linked to the duties via recognized body (e.g. GIAC, CompTIA, EC-Council)
• 8+ years of professional ICT experience.
• At least 5 years’ professional experience in information security which must include security operations, security control design and solution design.
• Knowledge of information security standards, control frameworks and best practices (ISO 27001, NIST, CIS, ENISA, SANS)

Desired Profile & Skills

• Excellent written and verbal communication.
• Excellent knowledge of enterprise risk management frameworks.
• Broad IT platform knowledge, with ability to conduct cybersecurity assessments from a multi-platform perspective.
• In-depth knowledge of vulnerability management as a functional component of enterprise cybersecurity.
• Demonstrable experience of working on complex IT infrastructures in a vulnerability management role within an overall cybersecurity capability.
• Solid sense of integrity, limits and understanding of the overall cyber security, risk management, and technology organization within the wider ICRC mission.
• Excellent command (spoken and written) of English.

The following are considered as assets:

• Post-graduate degree in information security or networking, or equivalent experience
• Broader certifications such as CISSP, CISM, ISO27001:2022 Lead Implementer
• Fluency in spoken and written French  

Additional Information

• Location: Geneva
• Type of contract: Open-ended
• Activity rate: 100%
• Start date: ASAP
• Recruiter:  Alejandra Rodriguez
• Application deadline: Friday, 8th of May 2026

Important information: For future employees and their dependents who are not EU and/or EFTA nationals, settling in Switzerland is now required. Direct settlement in France upon arrival is no longer possible.

Our Values

At the ICRC, we value impact, collaboration, respect, and compassion. We seek candidates who demonstrate behaviors based on these shared values. For more information on the ICRC values, please visit this page.

Are you ready to explore the next chapter of your career? Apply now!
 
The ICRC values diversity and is committed to creating an inclusive working environment. We welcome applications from all qualified candidates.