Cyber Security Specialist – P3

Job title:

Cyber Security Specialist – P3

Company

UN Women

Job description

UN WomenUNDP is committed to achieving workforce diversity in terms of gender, nationality and culture. Individuals from minority groups, indigenous groups and persons with disabilities are equally encouraged to apply. All applications will be treated with the strictest confidence. UNDP does not tolerate sexual exploitation and abuse, any kind of harassment, including sexual harassment, and discrimination. All selected candidates will, therefore, undergo rigorous reference and background checks.BackgroundUN Women, grounded in the vision of equality enshrined in the Charter of the United Nations, works for the elimination of discrimination against women and girls; the empowerment of women; and the achievement of equality between women and men as partners and beneficiaries of development, human rights, humanitarian action and peace and security.The Information Systems and Telecommunication (IST) Section, located in DMA (division of management and administration), is responsible for the strategic planning and development of ICT solutions and services, information security, sourcing of information systems and equipment to support business needs and for the maintenance, availability, reliability, and quality of performance of information and telecommunications systems and services globally in all UN Women offices.As our organization continues to expand its digital footprint in a rapidly evolving technological landscape, Information Security has emerged as a pivotal function within the IST team. In this dynamic context, we are proactively working to enhance security controls and capabilities across various information security domains. This strategic focus will be aligning with ISO 27001 standards looking for a comprehensive set of security measures but also that adheres to globally recognized best practices. Additionally, as threats become more sophisticated, our objective is that UN Women remains resilient and secure.Under the overall guidance of Chief IST Office and direct supervision of the Manager, Information Security and Compliance, the incumbent is responsible for ensuring the delivery of the Information Security program and projects aligned with the strategy and roadmap. This role requires not only a strong foundation in technical knowledge (specially related to Microsoft Security Suite) but also an ability to communicate complex security topics to a non-technical audience, drive security awareness initiatives, and work collaboratively across diverse teams.Duties and ResponsibilitiesManage the implementation of the Information Security Strategy:– Manage the implementation of various information security projects and initiatives, collaborating with internal teams and external parties, ensuring alignment with the strategic goals.
– Coordinate with vendors to guarantee timely delivery and adherence to project specifications.
– Provide expert advice on security architecture and configuration of complex systems.
– Monitor and deploy security controls as appropriate to support business needs while minimizing risk.
Promote Cybersecurity Awareness:– Advocate security best practices and the promotion of a security-conscious culture within the organization.
– Take a lead in configuring security tools effectively and educating the workforce about the importance of cybersecurity.
– Conduct training sessions and keeping on top of emerging security challenges to foster a proactive security awareness on employees.
Manage incident response and liaise with the third-party security monitoring service provider:– Act on incidents identified and reported by the UN Women SOC platform (Security Operations Center), ensuring timely and effective responses. This includes direct communication with internal teams to assist in the remediation or mitigation of threats.
– Bridge the gap between the SOC’s insights and our internal response capabilities, ensuring a comprehensive approach to security incidents.
– Document major incidents, detailing the nature of the threat, the response actions taken, and the outcomes achieved.
Conduct Vulnerability Management:– Conduct regular vulnerability scans, analyzing the results to identify potential threats, and collaborating with IT teams to prioritize and remediate identified vulnerabilities.
– Evaluate and analyze findings discovered during scheduled internal and third-party vulnerability scans and penetration tests.
– Provide relevant analysis, suggest mitigations, track remediation, manage scheduled scans, identify gaps and expand scan coverage.
– Support specialized security evaluations and assists on reviewing assessment reports and identifying any significant issues and variances, initiating, where necessary, corrective actions.
Perform Data Analysis and Reporting:– Analyze security-related data, generating reports to illustrate the organization’s security posture, and support specialized security evaluations.
Documentation and Process Enhancement:– Contribute to the maturity evolution of our security governance from developing Information Security polices, standards, directives, and guidelines to essential resources like knowledge repositories.
– Refine the security tools and practices at UN Women, ensuring that the organization remains up to date in an ever-evolving threat landscape.
The incumbent performs other duties (including handling special projects) within their functional profile as deemed necessary for the efficient functioning of the Office and the Organization.CompetenciesCore Values:– Respect for Diversity
– Integrity
– Professionalism
Core Competencies:– Awareness and Sensitivity Regarding Gender Issues
– Accountability
– Creative Problem Solving
– Effective Communication
– Inclusive Collaboration
– Stakeholder Engagement
– Leading by Example
Please visit this link for more information on UN Women’s Core Values and Competencies:https://www.unwomen.org/en/about-us/employment/application-process#_ValuesFUNCTIONAL COMPETENCIES:– Skills in handling security breaches and incidents, including reporting.
– Ability to identifying, analyze and mitigate threats to information security.
– Knowledge of concepts in software development lifecycle, application security, several high-level programming languages for scripting and query.
– Knowledge of common threats and how to protect against them (phishing, malware, ransomware, etc.).
– Ability to interact with technical and non-technical personnel at all levels.
– Ability to work independently and manage multiple task assignments.
– Strong oral and written communication skills, including presentation skills.
– Strong problem solving and troubleshooting skills with the ability to exercise mature judgment.
– Commitment to staying informed about new technologies, threats and security methodologies.Required Skills and ExperienceEducation and Certification:

• Master’s Degree in Computer Science, Engineering, Information Systems, or related discipline is required.

• A first-level university degree in combination with two additional years of qualifying experience may be accepted in lieu of the advanced university degree.

• One or more of the following professional certifications would be considered an advantage: MS-500, SC-200/300/400, AZ-500, MS-900, ISO 27001 Lead Implementer or Auditor, ISC2 Certifications, ISACA certifications (CISA, CISM, CRISK), GIAC Certifications.

Experience:

• A minimum of five (5) years of experience in information security in a corporate ICT environment is required.

• Experience in the operation, maintenance, and functionality of Microsoft Azure Security suit (such as MS Defender, MS AAD, Azure KeyVault, Azure Policy) is required.

• Experience with various cybersecurity technologies related to Microsoft Operating Systems, Network Security Concepts, EDR solutions, Vulnerability Management, Identity and Access Management, Cloud environments is required.

• Experience with standards such as ISO 27001/NIST is highly desirable.

• Experience with UN System entities is desirable.

• Experience in information security architecture desirable.

Languages:

• Fluency in English is required.

• Knowledge of another official UN language is desirable (French, Arabic, Chinese, Russian or Spanish).

Special Notice:In accordance with the UN Staff Regulation 4.5 (c) A fixed-term appointment does not carry any expectancy, legal or otherwise, of renewal or conversion, irrespective of the length of service. This fixed-term appointment is budgeted for a period through 31 December 2025.Application:All applications must include (as an attachment) the completed UN Women Personal History form (P-11) which can be downloaded from: https://www.unwomen.org/sites/default/files/Headquarters/Attachments/Sections/About Us/Employment/UN-Women-P11-Personal-History-Form.doc. Kindly note that the system will only allow one attachment. Applications without the completed UN Women P-11 form will be treated as incomplete and will not be considered for further assessment.Note:In July 2010, the United Nations General Assembly created UN Women, the United Nations Entity for Gender Equality and the Empowerment of Women. The creation of UN Women came about as part of the UN reform agenda, bringing together resources and mandates for greater impact. It merges and builds on the important work of four previously distinct parts of the UN system (DAW, OSAGI, INSTRAW and UNIFEM), which focused exclusively on gender equality and women’s empowerment.Diversity and inclusion:At UN Women, we are committed to creating a diverse and inclusive environment of mutual respect. UN Women recruits, employs, trains, compensates, and promotes regardless of race, religion, color, sex, gender identity, sexual orientation, age, ability, national origin, or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, competence, integrity and organizational need.If you need any reasonable accommodation to support your participation in the recruitment and selection process, please include this information in your application.UN Women has a zero-tolerance policy on conduct that is incompatible with the aims and objectives of the United Nations and UN Women, including sexual exploitation and abuse, sexual harassment, abuse of authority and discrimination. All selected candidates will be expected to adhere to UN Women’s policies and procedures and the standards of conduct expected of UN Women personnel and will therefore undergo rigorous reference and background checks. (Background checks will include the verification of academic credential(s) and employment history. Selected candidates may be required to provide additional information to conduct a background check.)This is how cinfo can support you in the application process for this specific position:– Application preparation: Before you apply for this position: Improve your application documents by registering for a Job Application Support. Our coaches are here to help tailor your application to the requirements of the job (service provided at your own cost).
– Interview preparation: When invited to the interview: Prepare for the interview by registering for a Job Application Support.
– Additional services for Swiss nationals who get invited to the selection process (written test, interview, assessment centre, etc.):
– Let us know by writing to [email protected]. We flag matching applications to HR partners and SDC/SECO for visibility.
– Benefit from free interview/assessment preparation by registering here : Interview and Assessment Centre Preparation for Jobs in Multilateral Organisations. Our coaches stand ready to help prepare for upcoming interview/assessment centre.Sector: Nonprofit/Community/Social Services/International CooperationRole: OtherWorking hours (%): 80-100%

Expected salary

Location

New York City, NY

Job date

Sat, 23 Mar 2024 23:24:21 GMT

To help us track our recruitment effort, please indicate in your email/cover letter where (un-jobs.net) you saw this job posting.