Application closing date: 2 July 2019
Background Information – Job-specific
The UN is continuously targeted by cyberattacks and understanding how cybersecurity may affect the ability to deliver on its mandate is essential to be able to mitigate associated risks. OICT/ Cybersecurity Section is tasked to protect the geographically highly dispersed and diverse ICT environment of the organization from cyberattacks. In addition to the vast existing traditional infrastructure the ongoing migration of service to cloud computing providers, as well as the significantly increased reliance on mobile computing platforms poses severe challenges that require additional resources, and new and innovative approaches to ensure the organization is adequately protected. This applies to areas such as threat management, incident detection and response, vulnerability management as well as organizational resilience.
The activities of OICT/ Cybersecurity Section focus on policy development and oversight, cyber risk management, cyber threat intelligence, global monitoring and analytics, application and infrastructure vulnerability management.
This is a position in UNOPS for supporting projects carried out for or in the United Nations Secretariat. The incumbent of this position will be a staff member of UNOPS under its full responsibility.
Within delegated authoriy, the Junior Cybersecurity Officer:
- Develops and maintains a formal cyber threat intelligence programme through the collection, correlation and analysis of global log events/information from various sources including cloud service providers to identify artefacts and patterns of suspicious activities, and methods used by adversaries targeting the Organisation;
- Maintains the list and monitors for presence of various indicators of compromise;
- Performs security reviews and vulnerability assessments of applications, web sites and infrastructure components;
- Performs research and evaluates new security technologies particularly in the area of mobile and cloud computing for potential deployment within organization’s environment;
- Responds to cybersecurity incidents;
- Contributes to the formulation of the policy and other supporting documents including procedures and guidelines;
- Performs other duties as assigned.
Impact of Results:
Increased organization’s capacity to perform internal cybersecurity assessments; established and maintained global cyber threat and vulnerability management intelligence programmes; as well as increased incident response capabilities.
- Advanced university degree (Master’s degree or equivalent) in computer science, information systems, information security or related field.
- A first-level university degree with additional 2 years of relevant work experience may be accepted in liue of the advanced university degree.
- Certifications in Information Security (such as certifications issued by organizations including ISC2, GIAC, ISACA, and Offensive Security) are an advantage.
A minimum of two years of cumulative experience in programming, information systems, database, and/or network administration.
- Experience in performing security reviews and vulnerability assessments of applications, web sites and underlying infrastructure components.
- Experience in performing correlation and analysis of log information from various sources.
- Experience in responding to information security incidents.
- Experience in developing information security policy and other supporting documents.
- English and French are the working languages of the United Nations Secretariat.
- For this position, fluency in English is required; Knowledge of another official UN language is an advantage.