PAHO Consultant - Security Operations and Vulnerability Management Analyst (ITS)

Benefits

Additional Information

OBJECTIVE OF THE OFFICE/DEPARTMENT This is a requisition for employment at the Pan American Health Organization (PAHO)/Regional Office of the World Health Organization (WHO) Contractual Agreement: Non-Staff - International PAHO Consultant Job Posting: June 2, 2026 Closing Date: June 10, 2026, 11:59 PM Eastern Time Primary Location: Off Site Organization: ITS Information Technology Services Schedule: Full time PURPOSE OF CONSULTANCY Information Security Consultant - Security Operations and Vulnerability Management Analyst PAHO is searching for an independent consultant to work at the Department of Information Technology Services (ITS), who will support the operational cybersecurity capabilities of PAHO's Information Security Program, with focus on security monitoring, incident response, threat hunting, and vulnerability management support. 1. Background The Pan American Health Organization (PAHO), as the specialized international health agency for the Americas and Regional Office for the Americas of the World Health Organization, relies on secure, resilient, and trusted digital services to support its technical cooperation, administrative operations, and regional public health mandate. The Department of Information Technology Services (ITS), through the Information Security Program, is strengthening its internal Security Operations capability to improve the detection, analysis, response, and coordination of cybersecurity events and vulnerabilities across PAHO's technology environment. PAHO operates an internal security operations function supported by external service providers and uses security technologies such as Microsoft Sentinel, Microsoft Defender suite, Varonis, and Qualys to support alert monitoring, incident response, threat detection, data security visibility, and vulnerability management activities. In this context, PAHO requires specialized consultancy support to strengthen the operational execution of security monitoring, incident response, threat hunting, and vulnerability analysis, while ensuring effective coordination with IT Operations, Service Desk, technical focal points, application owners, system custodians, and external providers. 2. Purpose of the Consultancy The purpose of this consultancy is to provide specialized Security Operations and Vulnerability Management support to PAHO's Information Security Program by performing security monitoring, alert triage, incident response support, threat hunting, and operational vulnerability analysis. The consultant will contribute to PAHO's ability to detect, analyze, respond to, and coordinate the mitigation of cybersecurity threats across endpoint, identity, cloud, application, data, and infrastructure environments. The consultant will also support the operational use of vulnerability management information to help prioritize risks, coordinate remediation actions with responsible teams, validate mitigation efforts where applicable, and provide inputs to improve security operations processes, detection capabilities, and vulnerability management practices. DESCRIPTION OF DUTIES: 3. Duties and Responsibilities Under the supervision of the Information Security Advisor (CISO), the consultant will perform the following activities: A. Security Monitoring and Alert Analysis Monitor and analyze security alerts and events from Microsoft Sentinel, Microsoft Defender suite, Varonis, and other relevant security tools. Validate, classify, and prioritize alerts based on severity, affected assets, business impact, exposure, and potential risk to the Organization. Identify suspicious activity across endpoints, identities, cloud services, data repositories, applications, and infrastructure components, escalating confirmed or high-risk events according to established procedures. Provide operational feedback to improve alert quality, reduce false positives, strengthen detection coverage, and optimize monitoring practices. B. Incident Response, Operational Coordination and Playbook Improvement Support the execution and coordination of incident response activities, including initial analysis and investigation of affected users, endpoints, identities, data repositories, cloud resources, or applications, containment support, evidence collection, escalation, and follow-up with relevant stakeholders. Coordinate incident handling with IT Operations, Service Desk, infrastructure teams, application owners, system custodians, external service providers, vendors, and existing Service Management, Incident Response, and Disaster Recovery processes. Prepare incident summaries and post-incident notes, including affected assets, response actions, coordination performed, lessons learned, and recommended improvements. Contribute operational input to the development, validation, and improvement of incident response playbooks, escalation paths, and automation opportunities. C. Threat Hunting and Detection Support Conduct proactive threat hunting activities across endpoint,

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at paho? Share your experience