If you are a committed, creative professional and are passionate about making a lasting difference for children, the world's leading children's rights organization would like to hear from you.
For 70 years, UNICEF has been working on the ground in 190 countries and territories to promote children's survival, protection and development. The world's largest provider of vaccines for developing countries, UNICEF supports child health and nutrition, good water and sanitation, quality basic education for all boys and girls, and the protection of children from violence, exploitation, and AIDS. UNICEF is funded entirely by the voluntary contributions of individuals, businesses, foundations and governments.
Purpose of the Position
The incumbent of this post is is responsible for supporting the Chief, IT Security, with the program of work in the information security domain, including technical expertise and guidance to internal and external stakeholders to ensure the integrity of UNICEF Information assets. The incumbent will also work with the Chief, IT Security to analyze root causes of information security incidents; review policy and procedures around Information Security; ensure current threats are identified; develop and implement appropriate response plans; and conduct regular security penetration tests for systems and applications to ensure new threats are identified and mitigated.
Key Expected Results
The overarching ICT strategic goal is to transform and build partnership with our stakeholders to successfully implement UNICEF programmes globally through the use of innovative technology-enabled solutions. In light of increasing use of ICTs, and the cloud paradigm, this requires stronger ICT / information security awareness with different units of the organization. The IT security specialist is pivotal in building cyber security credibility and trust amongst our stakeholders by driving a solid base of delivery of services, a consistent track record of security service delivery, and the development of a strategic partnership with the internal and external stakeholders. The information security unit serve as a trusted partner of HQ Divisions, regional and country offices; the technical expertise, solutions and advice have an impact on scaling up the cloud initiative and the ability of ICT to contribute to the UNICEF program goals and objectives by integrating risk management at a global level.
Identification, Management, Facilitation and Prioritization of IT security requirements
Assist and support the chief security advisor, to identify, develop, manage, facilitate and prioritize information security work. Understand business needs and business capability requirements, business risk appetite and collaborate with other Managers, to assist in developing and executing an ICT / Information Security program of workParticipate in planning sessions with the BRM cluster to identify ICT and Information Security needs in new business casesProvide support in implementation of and operational support of UNICEF ISO27K Information Security Management System (ISMS)Support the infosec governance process, and the prioritization and rationalization of demands to ensure infosec considerations are captured and actioned.
Planning, InformationManagement Policy
Support the development of an annual work plan in information security domainOperational support of UNICEF's information security programAssist in development of and maintenance of applicable ISMS documentation (standards, incident management processes, workflow processes, etc.
Perform highly detailed, technical security assessments covering: data-flows, evaluation of controls, system configuration, networks, technologies used, implementation, etc.Perform ethical hacking and penetration tests of systems and or networks.Perform and or support periodic vulnerability testingSupport, monitor, the resolution of security assessmentsSupport the Chief, IT Security in identifying internal client expectations with respect to IT security services as well as gaps between client needs and capabilities, and work to find agile solutions to those gaps. Provide oversight of providers and third-parties of ICT-related services and products, to ensure compliance with UNICEF Information Security Program and or security industry best practices.
Assist the Chief, IT Security in promoting the Information Security function, service offerings and capabilities.Advocate on behalf of the unit to ensure IT security services meet their business priorities and needs.Support change management activities (frequent communication to staff and clients about the change and the impact of the change, advocacy, coaching and minimize disruption and achieve desired results from ICT projects/initiatives that are triggered/enabled by technology.Ensure the Divisional clients understand UNICEF's Information Security program and executive management expectations, overall delivery of services provided to meet program requirements, and compliance to processes. Develop and communicate awareness programs.
Qualifications of Successful Candidate
An advanced university degree (Master's) in Computer Sciences, Information System Management, Business Administration, or a directly related field(s) is required.A relevant first-level university degree (Bachelor's), in combination with 2 years of additional relevant work experience, may be accepted in lieu of the advanced university degree (Master's).A valid professional certification in CEH, CISSP; etc. from an accredited chartered accountancy institution is desirable.A minimum of five (5) years of progressively responsible relevant work experience with in information technology management, business operations is required.Prior experience in Ethical Hacking (EH specialist) for a midsized organization or consulting firm is required.Prior experience in Web/Mobile solutions, Open Source, security operations, Security emergency response team, and forensics is highly desirable.Prior experience in supporting cyber/ information security in large, complex projects is desirable.Prior experience of Understanding with integrated ERP and related business applications in a global, multi country organization is desirable.Prior experience in supporting highly complex projects with delivery to a large or remote user base is desirable.Prior experience in supporting multiple stakeholders in a large context/geographically dispersed organization is desirable.Strong working experience in vendor / contract management will be considered an asset.Strong working experience in VM/ Cloud environments will be considered an asset.Strong understanding of ISO 270 is considered an asset.Fluency in English (written & verbal) is required. Knowledge of another official UN Language (Arabic, Chinese, Russian, Spanish) is considered an asset.
Other Relevant Requirements
Knowledge and ability to perform information security and IT risks analysesClear understanding of Information Security aspects in software development lifecycle and Application supportAbility to foster excellent work relationships and build alliances with key stakeholders and industry business partnersAbility to support multiple projects and resources concurrently, including ability to assess benefits, risks, and costsAbility to learn the business unit's functions and understand the strategic business goals in an effort to identify opportunities for technology innovation and to analyze and propose technical strategies for the business Units.Ability to stay abreast of new technologies and their ability to support UNICEF innovation projects to improve efficiency and effectiveness of business units.
Competencies of Successful Candidate
CommitmentDiversity and InclusionIntegrity
Communication Level - IIWorking with People – Level - IIDrive for Results – Level – II
Analyzing Level- IIIApplying Technical Expertise Level - IIIFormulating Strategies and Concepts Level - IIIRelating and Networking Level - IICoping with Pressure and Setbacks Level - III
To view our competency framework, please clickhere.
UNICEF is committed to diversity and inclusion within its workforce, and encourages qualified female and male candidates from all national, religious and ethnic backgrounds, including persons living with disabilities, to apply to become a part of our organisation.
UNICEF is committed to diversity and inclusion within its workforce, and encourages qualified female and male candidates from all national, religious and ethnic backgrounds, including persons living with disabilities, to apply to become a part of our organization. To apply, click on the following link http://www.unicef.org/about/employ/?job=501117