[Hiring] PAHO Consultant - Security Operations and Vulnerability Management Analyst @Pan American Health Organization

Role Description

Information Security Consultant – Security Operations and Vulnerability Management Analyst

PAHO is searching for an independent consultant to work at the Department of Information Technology Services (ITS), who will support the operational cybersecurity capabilities of PAHO’s Information Security Program, with focus on security monitoring, incident response, threat hunting, and vulnerability management support.

Qualifications

• University degree in Information Technology, Information Security, Cybersecurity, Computer Science, Engineering, or other related disciplines from an accredited institution.
• Desirable: Specialized training in security operations, incident response, vulnerability management, cloud security, threat hunting, or Microsoft security technologies.
• Microsoft Certified: Security Operations Analyst Associate, or equivalent.
• GIAC Certified Incident Handler (GCIH) or equivalent.
• CompTIA Security+, or equivalent cybersecurity certifications.
• ITIL Foundation or equivalent service management certification.
• At least seven years of combined relevant professional experience in information security, security operations, incident response, vulnerability management, and/or related areas.
• Proven experience performing security monitoring, alert triage, incident analysis, and operational response activities in enterprise environments.
• Experience using SIEM, EDR/XDR, vulnerability management, and data security monitoring tools to analyze security events, investigate incidents, and support remediation activities.
• Experience supporting vulnerability management processes, including vulnerability analysis, risk-based prioritization, remediation coordination, and validation.
• Experience with Microsoft Azure security services and the Microsoft security ecosystem, including Microsoft Sentinel, Defender, Entra ID, Intune, and related security capabilities.
• Working knowledge of scripting, query, and automation languages such as PowerShell, Python, KQL, JavaScript, and/or shell scripting.
• Ability to work collaboratively with cross-functional teams.
• Ability to communicate security incidents, technical findings, vulnerability risks, and remediation recommendations clearly to technical and non-technical stakeholders.
• Strong analytical, problem-solving, documentation, coordination, and follow-up skills.
• Ability to work under pressure during security incidents and maintain clear documentation of actions taken.
• Ability to translate operational security findings into actionable recommendations for detection improvement, incident response, and vulnerability management.
• Very good knowledge of English and Spanish.

Requirements

• Monitor and analyze security alerts and events from Microsoft Sentinel, Microsoft Defender suite, Varonis, and other relevant security tools.
• Validate, classify, and prioritize alerts based on severity, affected assets, business impact, exposure, and potential risk to the Organization.
• Identify suspicious activity across endpoints, identities, cloud services, data repositories, applications, and infrastructure components.
• Provide operational feedback to improve alert quality, reduce false positives, strengthen detection coverage, and optimize monitoring practices.
• Support the execution and coordination of incident response activities.
• Coordinate incident handling with IT Operations, Service Desk, infrastructure teams, application owners, system custodians, external service providers, vendors, and existing Service Management, Incident Response, and Disaster Recovery processes.
• Prepare incident summaries and post-incident notes.
• Conduct proactive threat hunting activities across endpoint, identity, cloud, data, and application environments.
• Identify indicators of compromise, anomalous behavior, suspicious access patterns, unusual data activity, and potential misuse of organizational resources.
• Analyze vulnerability findings from Microsoft Defender, Qualys, and other relevant sources.
• Provide security analysis, risk-based prioritization and coordination support for remediation actions.
• Prepare periodic summaries of security monitoring activities, notable alerts and incidents, threat hunting findings, vulnerability exposure, and operational risks.
• Recommend improvements to detection quality, alert triage, incident handling, vulnerability management workflows, and coordination with external providers.

Benefits

• Band B - Daily rate $258-$314.
• Duration: Until 31 December 2026, possibility of extension subject to performance and availability of funds.