ICT Analyst, Cybersecurity

Job Advertisement

Position Title: ICT Analyst, Cybersecurity
Location: Bonn
Country: Germany
Deadline Date:

Job Details

Job Posting Organization:
The United Nations Development Programme (UNDP) is a global development network established in 1965, with a mission to eradicate poverty and reduce inequalities through sustainable development. UNDP operates in approximately 170 countries and territories, working with governments and people to address development challenges. The organization emphasizes diversity, equity, and inclusion, valuing the multiplicity of nations and cultures in which it operates. UNDP is committed to ensuring that all personnel are empowered to contribute to its mission, and it actively encourages applications from individuals belonging to marginalized or excluded populations. UNDP has a zero-tolerance policy towards sexual exploitation and abuse, harassment, and discrimination, ensuring that all selected candidates undergo rigorous reference and background checks. The UN Volunteers (UNV) programme, administered by UNDP, promotes volunteerism to support peace and development worldwide, advocating for the integration of volunteerism into development programming and mobilizing volunteers.

Job Overview:
The ICT Analyst, Cybersecurity position is crucial for ensuring the security" style="border-bottom: 1px dotted #007bff !important;">security and integrity of UNDP's information and communication technology systems. The incumbent will work under the supervision of the Team Leader of ICT Infrastructure and will be responsible for comprehensive incident handling in accordance with established policies and guidelines. This role involves developing solutions to automate cybersecurity tasks, maintaining cloud-native security solutions, monitoring cybersecurity infrastructure for suspicious activities, and responding to incidents. The analyst will also promote security best practices, conduct security risk assessments, and collaborate with development teams to integrate security into all phases of the software development lifecycle (SDLC). The position requires a proactive approach to identifying potential risks and improving the overall cybersecurity posture of UNV services, ensuring incident response readiness and compliance with UNDP's security policies and standards.

Duties and Responsibilities:
The duties and responsibilities of the ICT Analyst, Cybersecurity include:

• Developing automation solutions for cybersecurity tasks to enhance efficiency and reduce manual errors.
• Maintaining various cloud-native security solutions, including Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR).
• Monitoring alerts and notifications from the cybersecurity infrastructure for indications of unauthorized activities.
• Responding to detected cybersecurity incidents and coordinating with relevant stakeholders.
• Keeping abreast of vendor and industry alerts, ensuring risks are mitigated in collaboration with system and service owners.
• Promoting security best practices and planning security awareness training for staff.
• Conducting security risk assessments, code reviews, and vulnerability assessments for UNV applications.
• Developing and enforcing UNDP security policies, standards, and guidelines.
• Performing threat modeling and security architecture reviews to identify potential risks. 1
• Coordinating vulnerability scans and “Red Teaming” exercises. 1
• Leading initiatives to enhance the overall cybersecurity posture of UNV. 1
• Maintaining an updated inventory of UNV digital assets and ensuring their availability and integrity. 1
• Coaching application, data, and service owners on backup and restore procedures and business continuity measures. 1
• Collaborating with the UNDP security team to implement ISO27001/2 Information Management certification for UNV. 1
• Performing other duties as necessary for the efficient functioning of the Office and the Organization.

Required Qualifications:
The required qualifications for the ICT Analyst, Cybersecurity position include:

• Advanced university degree (master’s degree or equivalent) in Information Technology, Computer Science, Engineering, or a related discipline. Alternatively, a first-level university degree (bachelor’s degree) in the mentioned areas, combined with an additional two years of qualifying experience, will be considered.
• For applicants with a master’s degree, professional work experience is not required. However, those with a bachelor’s degree must have a minimum of two years of relevant professional experience in data management, computer science, DevOps, or a related field at the national or international level.
• ISO20071 certification or similar is required.
• Experience in conducting Threat Risk Assessments (TRA) is essential.
• Knowledge of international standards and best practices in cybersecurity, risk, and service management is desired.

Educational Background:
Candidates must possess an advanced university degree (master’s degree or equivalent) in Information Technology, Computer Science, Engineering, or a related discipline. Alternatively, a first-level university degree (bachelor’s degree) in the same fields, along with two additional years of qualifying experience, will be considered in lieu of the advanced degree. This educational background is crucial for understanding the complexities of cybersecurity and the technical requirements of the position.

Experience:
The level of experience required for the ICT Analyst, Cybersecurity position varies based on educational qualifications. Applicants with a master’s degree (or equivalent) are not required to have prior professional work experience. However, those with a bachelor’s degree (or equivalent) must have at least two years of relevant professional experience in areas such as data management, computer science, DevOps, or related fields, preferably at both national and international levels. Experience in cybersecurity, particularly in threat detection and incident response systems, is highly desirable.

Languages:
Fluency in English is mandatory for this position, as it is the primary language of communication within the UNDP. Additionally, a working knowledge of other UN languages is considered an asset and is desired, as it enhances communication and collaboration within the diverse international environment of the UN.

Additional Notes:
The ICT Analyst, Cybersecurity position is a full-time role, and candidates should be prepared to engage in a dynamic work environment that emphasizes collaboration and innovation. The position may involve international recruitment, and candidates are encouraged to apply regardless of their nationality. Compensation and benefits will be aligned with UNDP standards, and selected candidates will be expected to adhere to the organization's policies on diversity, equity, and inclusion. The UNDP reserves the right to select one or more candidates from this vacancy announcement and may retain applications for other similar positions at the same grade level.