Support the implementation of the cyber security advisories to mitigate vulnerabilities.
Assist cyber security investigations and events related to information technology, communications and data systems, networks and devices. eGhtJKz DmtoFd
Assist the coordinated incident response, digital forensics, and authorised investigation efforts through close collaboration with internal business units and external partners.
Provide assistance to the implementation and testing of Disaster Recovery Plans (DRPs).
Assist with management and monitoring of ICT assets for performance to ensure effective security measures are in place.
Assist in coordinating with non-compliant sections/units and systems owners and escalate issues as appropriate.
Keep abreast of the current and emerging security issues, risks, threats, vulnerabilities, and advancements in cyber security techniques and technologies.
Provide input to the security awareness trainings and other communications to increase personnel understanding of cyber security policies, procedures and regulatory requirements set by the UN.
Provide security guidance to users and ICT specialists to ensure the security of the Organization and achieve compliance.
Maintain confidentiality and integrity and handle sensitive information with discretion ensuring compliance with the data privacy, security requirements, and standards.
Provide assistance to the activities related to changes to the Organization, business processes, information processing facilities, and systems to ensure that effective internal controls are in place.
Assist with the collection and analysis of data as well as preparation of data presentations and reports for information sharing, responding to queries, knowledge management, planning and decision making.
Competencies

Professionalism: Knowledge of current, new, and emerging information and cyber security technologies and the ability to adapt to changes. Knowledge of current and emerging cyber security threat landscape, attack methodologies, tools, technologies, and mitigation/remediation methods. Ability to analyse network traffic and apply techniques for detecting host and network-based intrusions using intrusion detection technologies. Shows pride in work and in achievements; demonstrates professional competence and mastery of subject matter; is conscientious and efficient in meeting commitments, observing deadlines, and achieving results; is motivated by professional rather than personal concerns; shows persistence when faced with difficult problems or challenges; remains calm in stressful situations. Commitment to implementing the goal of gender equality by ensuring the equal participation and full involvement of women and men in all aspects of work. Teamwork: Works collaboratively with colleagues to achieve organizational goals; solicits input by genuinely valuing others’ ideas and expertise; is willing to learn from others; places team agenda before personal agenda; supports and acts in accordance with final group decision, even when such decisions may not entirely reflect own position; shares credit for team accomplishments and accepts joint responsibility for team shortcomings. Planning& Organizing: Develops clear goals that are consistent with agreed strategies; identifies priority activities and assignments; adjusts priorities as required; allocates appropriate amount of time and resources for completing work; foresees risks and allows for contingencies when planning; monitors and adjusts plans and actions as necessary; uses time efficiently. Technological Awareness: Keeps abreast of available technology; understands applicability and limitation of technology to the work of the office; actively seeks to apply technology to appropriate tasks; shows willingness to learn new technology.

Education

High school diploma or equivalent is required.

Job - Specific Qualification

An active level certificate in Information Security (e.g., CISM, CISSP or equivalent) is required.

Work Experience

A minimum of seven (7) years of progressively responsible experience using knowledge of cyber threats, network and application security principles, common vulnerabilities, and exploits is required and should be evident in the employment details in the application. The minimum years of relevant experience is reduced to five (5) years for candidates who possess a first level degree or higher. Use of skills to conduct research such as systematic data collection and analysis of information from various sources is desirable. Use of ability to identify systemic security issues based on the analysis of vulnerability and configuration data is desirable.

Languages

English and French are the working languages of the United Nations Secretariat. For the position(s) advertised, fluency in oral and written English is required. Knowledge of French is desirable.

Assessment

Evaluation of qualified candidates may include an assessment exercise which may be followed by competency-based interview.