The Cybersecurity Investigations & Response (CIR) team within AC3 (Aon’s Global Cybersecurity Operations) is responsible for leading and coordinating incident response, conducting in‑depth investigations, and continuously improving how Aon detects, responds to, and recovers from cyber events. This role can be virtual near one of our US office locations. Aon is in the business of better decisions At Aon, we shape decisions for the better to protect and enrich the lives of people around the world. As an organization, we are united through trust as one inclusive team, and we are passionate about helping our colleagues and clients succeed. What the day will look like This role focuses on deep investigation, coordination, and response leadership—ensuring incidents are executed according to defined processes, evidence is preserved, risks are clearly understood, and lessons learned to drive measurable improvements across Aon’s cybersecurity program. Incident Response & Investigations - Lead or support end-to-end investigations for security incidents, from initial triage through containment, eradication, and recovery. - Perform detailed analysis of alerts, logs, and telemetry across multiple domains (SIEM, endpoint, identity, network, cloud, email, and third-party sources) to determine scope, root cause, and business impact. - Partner closely with AC3 Threat Detection & Response (TDR) teams to validate true positives, refine investigative hypotheses, and improve the quality and reliability of detection signals. - Develop clear incident timelines, findings, and technical assessments, ensuring accurate and complete case documentation. - Maintain high-quality incident records and evidence within Aon’s case management and response tooling. Crisis & Stakeholder Coordination - Support crisis execution during major or high-severity incidents, collaborating with GEOC, Legal, Risk, Audit, Communications, and business leadership as required. - Translate technical findings into clear, risk-based insights for both technical and non-technical audiences. - Follow and reinforce consistent escalation and communication patterns—ensuring the right stakeholders are informed at the right time with the right level of detail. - Contribute to calm, structured, and disciplined response execution during high-pressure events. Playbooks, Procedures & Readiness - Help develop, maintain, and improve incident response runbooks, playbooks, and standard operating procedures for common and high-impact scenarios (e.g., ransomware, BEC, insider threat, data ex-filtration, cloud compromise). - Participate in, and help design, tabletop exercises and simulations to test technical response and crisis readiness. - Support audit, regulatory, and internal assurance activities by clearly documenting response processes, decisions, and evidence of execution. Continuous Improvement & Threat‑Informed Defense - Lead or contribute to lessons‑learned activities following incidents and near misses; track improvement actions through to completion. - Partner with vulnerability management, identity, infrastructure, cloud, and application security teams to ensure investigation insights drive real risk reduction. - Identify detection and visibility gaps and work with TDR to enhance telemetry, tune detections, and improve signal-to-noise ratios across AC3. - Strengthen Aon’s threat‑informed defense by feeding investigative insights back into controls, detections, and processes. Collaboration & Global Alignment - Operate within a follow‑the‑sun global model, coordinating with CIR and TDR peers across North America, EMEA, and APAC. - Support alignment of tools, telemetry, processes, and reporting across regions to enable consistent, scalable operations. - Contribute to a culture of collaboration, shared ownership, and continuous improvement across AC3 and Global Cybersecurity Solutions. How this opportunity is different As a CIR Analyst, you will play a critical role in investigating and responding to security incidents across Aon’s North America region. You will work closely with TDR, Global Security Operations, IT, Legal, Risk, Audit, and business stakeholders to ensure incidents are handled effectively and consistently. Skills and experience that will lead to success Required - Professional experience in cybersecurity operations, incident response, digital forensics, threat hunting, or a closely related discipline. - Strong understanding of core security domains, including: Network security; Endpoint security; Identity and access management; Cloud security fundamentals; Common attack techniques (MITRE ATT&CK familiarity preferred); - Hands-on experience with multiple security technologies, such as: SIEM platforms (log analysis, investigation, correlation); EDR/EPP tools; Network security tools (firewalls, proxies, IDS/IPS); Email security and identity platforms; Cloud security and logging solutions - Demonstrated ability to analyze telemetry, develop investigative hypotheses, and methodically work incidents through to resolution. - Strong written and verbal communication skills, including the ability to produce clear technical documentation and concise executive-level summaries. - Familiarity with structured incident response frameworks (e.g., NIST, SANS, ISO) is preferred. Preferred - Experience in a large, complex, or global enterprise environment. - Prior work experience in a SOC, DFIR function, or Cyber Incident Response Team. - Familiarity with automation or scripting (e.g., Python, PowerShell, KQL, or SOAR platforms) to accelerate investigations and response. - Experience working with SOAR or case management platforms in an operational environment. - Relevant industry certifications (e.g., GCIA, GCFA, GNFA, GCIH, CISSP, CISM) are a plus but not required. Education: Bachelor’s degree or equivalent years of industry experience. How we support our colleagues In addition to our comprehensive benefits package, we encourage an inclusive workforce. Plus, our agile environment allows you to manage your wellbeing and work/life balance, ensuring you can be your best self at Aon. Furthermore, all colleagues enjoy two “Global Wellbeing Days” each year, encouraging you to take time to focus on yourself. We offer a variety of working style solutions for our colleagues as well. Our continuous learning culture inspires and equips you to learn, share and grow, helping you achieve your fullest potential. As a result, at Aon, you are more connected, more relevant, and more valued. Aon values an innovative and inclusive workplace where all colleagues feel empowered to be their authentic selves. Aon is proud to be an equal opportunity workplace. Aon provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, veteran, marital, domestic partner status, or other legally protected status. People with criminal histories are encouraged to apply. We are committed to providing equal employment opportunities and fostering an inclusive workplace. If you require accommodations during the application or interview process, please let us know. You can request accommodations by emailing us at ReasonableAccommodations@Aon.com or your recruiter. We will work with you to meet your needs and ensure a fair and equitable experience. For positions in San Francisco and Los Angeles, we will consider for employment qualified applicants with arrest and conviction record in accordance with local Fair Chance ordinances. Aon is not accepting unsolicited resumes from search firms for this position. If you are a search firm, you will not be compensated in any way for your submission of a candidate, even if Aon hires that candidate. Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time. Pay Transparency Laws: The salary range for this position (intended for U.S. applicants) is $150,000 - $175,000 USD annually. The actual salary will vary based on applicant’s education, experience, skills, and abilities, as well as internal equity and alignment with market data. The salary may also be adjusted based on applicant’s geographic location. This position is eligible to participate in one of Aon’s annual incentive plans to receive an annual discretionary bonus in addition to base salary. The amount of any bonus varies and is subject to the terms and conditions of the applicable incentive plan. Aon offers a comprehensive package of benefits for full-time and regular part-time colleagues, including, but not limited to: a 401(k) savings plan with employer contributions; an employee stock purchase plan; consideration for long-term incentive awards at Aon’s discretion; medical, dental and vision insurance, various types of leaves of absence, paid time off, including 12 paid holidays throughout the calendar year, 15 days of paid vacation per year, paid sick leave as provided under state and local paid sick leave laws, short-term disability and optional long-term disability, health savings account, health care and dependent care reimbursement accounts, employee and dependent life insurance and supplemental life and AD&D insurance; optional personal insurance policies, adoption assistance, tuition assistance, commuter benefits, and an employee assistance program that includes free counseling sessions. Eligibility for benefits is governed by the applicable plan documents and policies. #LI-RB1 #LI-VIRTUAL 2026-99204

Please note the appropriate Tier indicated in the vacancy title and ensure that you hold the applicable contract as defined below. · Tier 1: UNDP/ UNCDF/ UNV staff holding permanent (PA) and fixed term (FTA) appointments (defined as “internal” candidates) · Tier 2: UNDP/ UNCDF/ UNV staff holding temporary appointments (TA), personnel on regular PSA contracts, and Expert and Specialist UN Volunteers Background The Office of Audit and Investigations (OAI) reports to the Administrator and is responsible for internal audit and investigations services to UNDP and its affiliated entities. OAI provides independent, objective assurance on the effectiveness of risk management and the effectiveness and adequacy of internal controls. OAI also responds to allegations of misconduct by conducting and reporting on investigations. The Investigations Section of OAI is responsible for conducting investigations into allegations of misconduct, such as mismanagement, fraud, corruption, retaliation on whistle-blowers, workplace harassment, sexual harassment, abuse of authority, violation or willful disregard of UNDP regulations, rules, and administrative instructions, that involve UNDP staff, contractors and other applicable persons. OAI conducts investigations in accordance with the Uniform Principles and Guidelines for Investigations, the UNDP Legal Framework for Addressing Non-Compliance with UN Standards of Conduct, and the OAI Investigation Guidelines. OAI seeks to engage a French-speaking Investigations Specialist under the International Personnel Services Agreement (IPSA) to support the Central and West Africa (CWA) team of Unit 2 – Regional Investigations (Africa) and Sexual Misconduct Team. Scope of Work The Investigations Specialist is required to conduct highly complex investigations into allegations of fraud, abuse and misconduct in a timely and efficient manner, and ensure that the investigative actions are consistent with UNDP Rules and Regulations and internationally accepted standards. The specific tasks that will be required are: 1. Ensure the effective planning and conduct of complex investigations - Ensure planning and conducting investigations in accordance with UNDP policies and procedures and the OAI Investigation Guidelines. - Plan investigations to ensure that all appropriate lines of inquiry are identified, and investigation resources are used effectively and efficiently to factually determine the issues relevant to an investigation. - Lead in identifying, collecting and analyzing information software, internal data, and open-source information relevant to investigations, demonstrating an understanding of information security and confidentiality issues relevant to an investigation. - Collect, record, and handle evidence appropriately, ensuring chain of custody and demonstrating knowledge of handling considerations for different types of evidence. - Use specialist investigation services as and when appropriate (for example, document examination and computer forensics). - Conduct interviews with complainants, witnesses, subjects and suspects showing effective communication across diverse backgrounds and ensure precise recording and verification of testimony as needed. - Interview subjects/suspects in accordance with generally accepted best practice procedures (in order to obtain reliable information, while affording due process). - Assist the Intelligence, Analysis and Research Team by assessing complaints when needed. - Plan and undertake frequent, and at times, extended missions to UNDP offices worldwide, including areas with hazardous working conditions. 2. Ensure all investigation reports are updated. - Keep the Investigations Section’s database and case files up to date on cases under investigation. - Prepare high-quality investigation reports and documents that objectively summarize findings, with evidence-based conclusions and recommendations. 3. Build strategic partnerships - Liaise with the Office of Legal Services (OLS), Country Office management, the Vendor Review Committee (VRC), Office of Human Resources (OHR), Ethics Office, and other relevant UNDP business units. - Liaise with the investigation sections of other international organizations and with national anti-corruption and law enforcement agencies as appropriate. 4. Facilitate capacity building and knowledge sharing - Participate in outreach session to train UNDP personnel worldwide as required. - Contribute to the ongoing development of professional practices within OAI. The incumbent performs other duties within their functional profile as deemed necessary for the efficient functioning of the Office and the Organization. Institutional Arrangement The Investigations Specialist will be tasked by the Investigations Specialist – Team Lead (CWA) or by the Chief, Regional Investigations (Africa) and Sexual Misconduct Team (SMT). The work produced by the Investigations Specialist will be submitted to the Team Lead, CWA under the overall supervision of the Chief, Regional Investigations (Africa) and SMT. Competencies Core - Achieve Results: LEVEL 3: Set and align challenging, achievable objectives for multiple projects, have lasting impact - Think Innovatively: LEVEL 3: Proactively mitigate potential risks, develop new ideas to solve complex problems - Learn Continuously LEVEL 3: Create and act on opportunities to expand horizons, diversify experiences - Adapt with Agility LEVEL 3: Proactively initiate and champion change, manage multiple competing demands - Act with Determination LEVEL 3: Think beyond immediate task/barriers and take action to achieve greater results - Engage and Partner LEVEL 3: Political savvy, navigate complex landscape, champion inter-agency collaboration - Enable Diversity and Inclusion LEVEL 3: Appreciate benefits of diverse workforce and champion inclusivity Cross-Functional & Technical competencies Audit & Investigation - Investigation management and investigative techniques: The ability to manage an investigation, choose avenues of inquiry and apply different techniques during an investigation, including investigative interviewing; seizure of documentary and electronic evidence; identification, collection, review and analysis of all types of evidence, including project, procurement and commercial business documentation and electronic communications; forensic analysis; verification site visits; open-source research. - Evidence Handling procedures: Ability to acquire, compile and safeguard information in a forensically sound manner to keep evidence integrity and chain of custody. - Investigative Interviewing: Ability to conduct investigative interviews with all types of investigation participants, including witness and subjects, using an approach tailored to the interviewee and the investigation. - Collection and analysis of evidence: Ability to extract and analyse all relevant types of evidence and be able to draw reasonable inferences and conclusions. - Technology tools and applications for investigations: Ability to understand key application and system software, IT infrastructure, IT Control frameworks and the use of forensic investigation software. Business Management - Communication: Communicate in a clear, concise and unambiguous manner both through written and verbal communication; to tailor messages and choose communication methods depending on the audience. Ability to manage communications internally and externally, through media, social media and other appropriate channels Business Direction & Strategy - System Thinking: Ability to use objective problem analysis and judgement to understand how interrelated elements coexist within an overall process or system, and to consider how altering one element can impact on other parts of the system. Required Skills and Experience Min. Academic Education - Advanced university degree (master’s degree or equivalent) in Investigations, Development Studies, Law, Conflict, International Affairs, Social Sciences or related field is required. Or - A first level university degree (bachelor’s degree) in the areas mentioned above, in combination with additional 2 years of qualifying experience, will be given due consideration in lieu of an advanced university degree. Min. years of relevant Work experience and skills - A minimum of 5 years (with master’s degree) or 7 years (with bachelor’s degree) of progressively responsible experience in complex criminal, civil and/or administrative investigations, law enforcement, or equivalent experience in a research capacity. Required Skills and competencies - At least one year of experience working within an international investigation role is required. - Demonstrated ability to use the following tools: Microsoft office suite; presentation software applications; and forensic software (such as Intella) - Proven track record of demonstrated strong understanding of information security and confidentiality issues relevant to investigations Desired additional skills and competencies - Experience working with UNDP or the UN System is desirable. - Familiarity with investigative procedures applicable to OAI/UNDP is an advantage. - Experience conducting sexual misconduct investigations or experience with victim support is desirable. Required Language(s) - Fluency in French and English is required. Equal opportunity As an equal opportunity employer, UNDP values diversity as an expression of the multiplicity of nations and cultures where we operate and, as such, we encourage qualified applicants from all backgrounds to apply for roles in the organization. Our employment decisions are based on merit and suitability for the role, without discrimination. UNDP is also committed to creating an inclusive workplace where all personnel are empowered to contribute to our mission, are valued, can thrive, and benefit from career opportunities that are open to all. Sexual harassment, exploitation, and abuse of authority UNDP does not tolerate harassment, sexual harassment, exploitation, discrimination and abuse of authority. All selected candidates, therefore, undergo relevant checks and are expected to adhere to the respective standards and principles. Right to select multiple candidates UNDP reserves the right to select one or more candidates from this vacancy announcement. We may also retain applications and consider candidates applying to this post for other similar positions with UNDP at the same grade level and with similar job description, experience and educational requirements. Scam alert UNDP does not charge a fee at any stage of its recruitment process. For further information, please see www.undp.org/scam-alert. #LI-DNI

• Serve as trusted advisor to team’s leadership and partner teams by clearly articulating business risks associated with security issues • Execute the long-term vision for the Security team in alignment with Cohere’s product and business goals. • Collaborate closely with leadership to prioritize high-impact initiatives and strategic customer engagements. • Secure cloud infrastructure, platform, and data through architecture reviews, automation, and continuous monitoring to mitigate cloud-specific risks (Cloud Security) • Own identify and access management across Cohere systems and data ensuring robust identity governance, authentication and authorization mechanisms to applications and infrastructure (IAM) • Detect, analyze, and respond to security threats in real time while maintaining visibility across the enterprise • Minimize business impact from security incidents through rapid containment, eradication, and recovery (D&R) • Lead and grow a high-performing team of Security engineers through hiring, coaching, and mentorship • Foster a culture of ownership, innovation, and continuous learning. • Establish and evolve team processes to maximize productivity and execution speed.

Description The Role GM's Cybersecurity Team safeguards the company's global information assets, networks, and infrastructure. Our mission is to proactively defend GM against evolving cyber threats through strategic leadership, technical excellence, and innovative risk management. We seek cybersecurity professionals with advanced expertise, capable of driving enterprise security initiatives and influencing organizational resilience. We are seeking a highly skilled Senior Cybersecurity Engineer with deep expertise in systems development, cybersecurity, and modern software engineering practices. This role requires a seasoned professional who can design, build, and maintain secure, scalable platforms while integrating advanced technologies such as AI and data enrichment into security operations. What You'll Do - Platform Engineering & Development - Design, develop, and maintain security-focused platforms using scripting languages, C++, and Rust. - Implement modern development processes (CI/CD, DevOps, Agile) to ensure efficient and reliable delivery. - Build scalable solutions across Linux-based environments and cloud-native architectures. - Systems Integration - Integrate diverse systems using APIs, webhooks, and other communication protocols. - Develop and maintain integrations with AI-driven tools and data enrichment platforms to enhance SecOps capabilities. - Ensure interoperability across heterogeneous environments and security tools. - Security Operations - Collaborate with SecOps teams to design and implement advanced monitoring, detection, and response solutions. - Troubleshoot complex systems and resolve performance, reliability, and security issues. - Apply cybersecurity best practices to safeguard infrastructure and applications. - Infrastructure & Cloud - Architect and manage cloud-based environments (AWS, Azure, GCP) with a focus on security and scalability. - Optimize Linux OS and kernel-level configurations for performance and resilience. - Automate infrastructure provisioning and configuration management. Your Skills & Abilities (Required Qualifications) - Bachelor's degree in computer science or a related field, or equivalent professional experience. - 7+ years in systems development , with a proven track record of delivering complex solutions. - Minimum 4+ years in SecOps or cybersecurity -focused roles. - Strong programming skills in scripting languages, C++, and Rust . - Solid understanding of Linux OS internals and kernel-level operations . - Hands-on experience with cloud development and architecture ( AWS, Azure, GCP ). - Proficiency in troubleshooting complex distributed systems. - Experience integrating systems via APIs , webhooks, and other protocols. - Familiarity with AI-driven integrations and data enrichment workflows. - Strong problem-solving and analytical abilities. - Excellent communication and collaboration skills. - Ability to work in fast-paced, dynamic environments. What Will Give You a Competitive Edge (Preferred Qualifications) - Experience with containerization ( Docker, Kubernetes ). - Knowledge of security frameworks and compliance standards ( NIST, ISO, SOC2 ). - Familiarity with SIEM, SOAR, EDR , and other SecOps platforms. - Contributions to open-source projects or security communities. Compensation: The compensation information is a good faith estimate only. It is based on what a successful applicant might be paid in accordance with applicable state laws. The compensation may not be representative for positions located outside of New York, Colorado, California, or Washington. - The expected base compensation for this role is : $125,200 - $158,600. The actual base compensation within the identified range will vary based on factors relevant to the position. - Bonus Potential: An incentive pay program offers payouts based on company performance, job level, and individual performance. - Benefits: GM offers a variety of health and wellbeing benefit programs. Benefit options include medical, dental, vision, Health Savings Account, Flexible Spending Accounts, retirement savings plan, sickness and accident benefits, life insurance, paid vacation & holidays. GM does not provide immigration-related sponsorship for this role. Do not apply for this role if you will need GM immigration sponsorship now or in the future. This includes direct company sponsorship, entry of GM as the immigration employer of record on a government form, and any work authorization requiring a written submission or other immigration support from the company (e.g., H1-B, OPT, STEM OPT, CPT, TN, J-1, etc.) This role is categorized as remote. This means the selected candidate may be based anywhere in the country of work and is not expected to report to a GM worksite unless directed by their manager. This job is not eligible for relocation benefits. Any relocation costs would be the responsibility of the selected candidate. About GM Our vision is a world with Zero Crashes, Zero Emissions and Zero Congestion and we embrace the responsibility to lead the change that will make our world better, safer and more equitable for all. Why Join Us We believe we all must make a choice every day - individually and collectively - to drive meaningful change through our words, our deeds and our culture. Every day, we want every employee to feel they belong to one General Motors team. Total Rewards | Benefits Overview From day one, we're looking out for your well-being-at work and at home-so you can focus on realizing your ambitions. Learn how GM supports a rewarding career that rewards you personally by visiting Total Rewards resources. Non-Discrimination and Equal Employment Opportunities (U.S.) General Motors is committed to being a workplace that is not only free of unlawful discrimination, but one that genuinely fosters inclusion and belonging. We strongly believe that providing an inclusive workplace creates an environment in which our employees can thrive and develop better products for our customers. All employment decisions are made on a non-discriminatory basis without regard to sex, race, color, national origin, citizenship status, religion, age, disability, pregnancy or maternity status, sexual orientation, gender identity, status as a veteran or protected veteran, or any other similarly protected status in accordance with federal, state and local laws. We encourage interested candidates to review the key responsibilities and qualifications for each role and apply for any positions that match their skills and capabilities. Applicants in the recruitment process may be required, where applicable, to successfully complete a role-related assessment(s) and/or a pre-employment screening prior to beginning employment. To learn more, visit How we Hire. Accommodations General Motors offers opportunities to all job seekers including individuals with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, email us [email protected] or call us at 1-800-865-7580. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.