Digital Security Risk Management Adviser

Reports to (role)

• Head of Operations - ICRC Delegation for Cyberspace | Global Cyber Hub in Luxembourg

What we do

The International Committee of the Red Cross (ICRC) works worldwide to provide protection and humanitarian assistance to people affected by conflict and armed violence. We take action in response to emergencies and, at the same time, promote respect for international humanitarian law. We are an independent and neutral organization, and our mandate stems essentially from the Geneva Conventions of 1949. We work closely with National Red Cross and Red Crescent Societies and with their International Federation in order to ensure a concerted, rational and rapid humanitarian response to the needs of the victims of armed conflict or any other situation of internal violence. We direct and coordinate the international activities conducted in these situations.

Digital transformation is profoundly impacting armed conflict and humanitarian action. The ICRC Delegation for Cyberspace and Global Cyber Hub was set up to help the ICRC navigate challenges, risks, and opportunities for the organization's identity and perception as a neutral, impartial and independent humanitarian actor and its capacity to deliver on its mandate in the digital age. With its R&D identity and expertise, the Delegation connects to internal initiatives and efforts to adapt to an increasingly digital world, to anchor that work squarely in and at the service of the field operations and affected people, and to support a principled digital transformation. This includes proximity, do-no-harm and confidentiality in its use of digital technology, and strengthening ICRC capacity to integrate the cyber/digital dimension in its operations and its response to people's needs. This is essential to gain and preserve the trust of affected people as well as interlocutors, to continue to access affected areas, to ensure that affected people access essential humanitarian services, and to ensure the acceptance and safety of its staff.

Purpose

The Operations Team in the Global Cyber Hub in Luxembourg addresses the need for the ICRC to identify, analyse, and understand the evolution of actors and threats (technical and strategic) in cyberspace. The knowledge developed by the team, including through and exclusively humanitarian approach to cyber threat analysi, is used to inform and support ICRC global operational context analysis, field and cyber security management, digital resilience and business continuity, operational dialogue, protection work, detection and analysis of harmdul information, and other institutional and/or operational needs.

Under the supervision of the Head of Operations and in close collaboration with field operations teams and relevant units at HQ, the Digital Security Risk Management Adviser (DSRMA) supports and advises delegations in addressing the growing complexities and challenges at the intersection of cyber / digital security and physical security. The post-holder supports the ICRC’s Security and Crisis Management Support Unit (SCMS) in a global expert adviser capacity, with a focus on advising priority field delegations. The post-holder contributes to monitoring by SCMS and the Office of the Director of Operations of the effectiveness of the cyber / digital component of the security and safety risk management process in the field.

Accountabilities & Functional responsibilities

• Advises and provides guidance to delegations on cyber / digital security matters, systems, policies and set-ups as they relate to security and safety management, including briefings, assessments, contingency planning, incident response and lessons-learned exercises, contributing to the integration of the physical and digital contexts.
• Is ready for rapid deployment to support any field crisis management structure and provide any training needed.
• Contributes with expert knowledge – cyber / digital security lens – to identifying and analysing risks, defining mitigation measures and drawing up an effective risk monitoring plan; applying the ICRC’s security and safety risk methodology to the challenges of the digital era, operating as a humanitarian actor in digitalized conflict
• Provides in-depth analysis and develops guidance on relevant subjects, building on the knowledge available at the Global Cyber Hub in Luxembourg, HQ units, field delegations, and through external stakeholders.
• Monitors reporting, analysis and follow-up by delegations of related cyber / digital security incidents.
• Has a technical reporting line to the ICRC’s Security and Crisis Management Support Unit (SCMS), participating in unit’s activities and serving as the unit’s thematic lead on cyber / digital security.
• Collaborates transversally, including with security managers, operational cyber security staff, and information and communication technology (ICT) staff at headquarters and in field delegations.
• Contributes to and/or facilitates courses, training modules, workshops for staff and partners.

People management responsibilities

No 

Scope & Impact

• Geographical remit: Global

Relationships

• Internally: Is a member of the Global Cyber Hub Operations Team with a technical reporting line to SCMS at headquarters (Geneva). Interacts with colleagues across the Global Cyber Hub in Luxembourg and SCMS at headquarters and in the field, as well as with management teams and relevant staff in delegations, and with staff at headquarters as required, in coordination with the Head of Operations.
• Externally: In coordination with the Head of Operations, interacts with selected authorities and organisations in the same sector or field of expertise (e.g. International Red Cross and Red Crescent Movement, UN agencies, NGOs, civil society, academia, security researchers, cyber security agencies, CERTs, private sector).

Certifications / Education required

• University degree. Accreditation in field of risk/security/crisis management a strong asset.
• Very good command of written and spoken English. Knowledge of Arabic, Chinese, French, Russian or Spanish, at least passive, would be an asset.

Professional Experience required

• 10-12 years overall professional experience.
• Practical experience in any of the following: risk, security or crisis management or coaching.
• In-depth understanding of cyber / digital security topics and a demonstrated ability to produce guidance to strengthen the cyber / digital security practices of individuals and organisations.

Desired profile and skills

• Experience with the ICRC or other International Red Cross and Red Crescent Movement components, UN agencies or humanitarian NGOs, a strong asset.
• Proven analytical and conceptualization skills coupled with common sense and a ‘hands-on’ attitude.
• Strong communication skills and ability to interact with different departments and sites across an organisation and/or across a network of stakeholders.
• Proven experience in relationship-building, facilitation and mentoring.
• Demonstrated ability to consume cyber threat intelligence reporting and understand the implications for digital security of individuals and organisations.
• Previous experience and ability to conduct training and presentations that engage audiences.
• High travel capacity / availability (field missions and emergency support).

Our values

At the ICRC, we value impact, collaboration, respect, and compassion. We seek candidates who demonstrate behaviors based on these shared values. For more information on the ICRC valies, 

Additional information

• Location : Luxembourg
• Activity rate : 100%
• Length of assignment : Open ended
• Estimated start date : ASAP
• Application deadline : 04/07/2025
• Resident Position - Transition package for ICRC staff applies