This post is located in the Information Management and Technology Section (IMTS), Programme Support and Management Services (PSMS) of the Office of the High Commissioner for Human Rights (OHCHR), in Geneva. The incumbent will operate under the overall guidance of the Chief of PSMS and direct supervision of the Chief of IMTS.Responsibilities
Within limits of delegated authority, the Information Systems Officer (cyber Security) will be responsible for the following duties:
• Takes care of the day-to-day operations and data structures by overseeing the operational performance.
• Takes care of cyber security projects and makes sure they meet cyber security objectives. Offers cyber security operations such as process re-engineering, automation, and documentation.
• Recognizes cyber security issues, devises and drives effective mitigation. Actively searches for vulnerabilities and risks in hardware and software and conducts threat and risk analysis and provide essential suggestions for their mitigation.
• Assists with the configuration of anti-virus systems and consoles; Must have an in-depth understanding of vulnerabilities Management Systems and common security applications; Conducts software upgrades and explains performance criteria, documents configurations, and systems specifications.
• Manages and monitors any attacks and intrusions. Protects software and hardware from threats and identifies and manages incidents and mitigates risks.
• Assists in performing research, testing, evaluation, and deployment of security procedures. Designs security training materials and organizes training sessions for the users. Examines and evaluates security-related technologies. Resolves security issues and other data-related problems. Monitors network traffic and internet connectivity data and reports on risks.
• Responsible for collecting and analyzing data and assists in eliminating risk, performance and capacity issues. Handles any issues related to service providers. Regulates enterprise information assurance and security standards. Collaborates and evaluates security programs for the organization. Supports users in the development and implementation of policies.
• Creates own tools and actively takes part in the security architecture review of client technologies. Conducts risk assessments and business impact analysis on new systems and technologies. Maintains a cordial relationship with the key partners. Serves as a Program Management Officer when the Cyber Security projects are implemented.
• Assists in designing and developing security features for system architectures. Plays an active role in developing special purpose systems necessary for specialized security features and procedures.
• Defines security requirements for computer systems such as servers, workstations, and personal computers. Suggests various solutions and implements them to meet the security requirements.
• Offers integration and deployment of the computer system security solution. Examines technical problems and provides basic engineering and additional support in solving the problems. Ensures that all information systems are functional and secure. Participates in the various phases of the system development life cycles to perform risk analysis.
• Responsible for taking care of the built-in security systems to software, hardware, and components. Develops unique strategies for software systems, networks, data centers, and hardware. Understands the QA software and hardware for security vulnerabilities and risks. Develops firewalls to secure the network infrastructure. Recognizes the cyber attackers and reports to the upper management. Keeps an eye for external intrusions, attacks, and hacks. Closes off security vulnerability in the case of an attack.
• Designs secure principles and optimizes new Technology Services. Helps in the optimization of current test and engineering processes and policies. Offers technical support in areas of the cross-discipline team. Assists in research and development projects. Writes procedures for the delivery of cybersecurity services
• PROFESSIONALISM: Knowledge in all aspects of planning, design, development, implementation and maintenance of computer information security and digital asset security.
Strong analytical and problem-solving skills, to include proficiency in the development and implementation of information security systems of moderate size/complexity. Knowledge of interactive systems; good knowledge of organization’s information infrastructure and IT strategy as it relates to user area(s); independently maintains assigned systems and develops innovative approaches to resolve a wide range of cyber security issues/problems. Shows pride in work and in achievements; demonstrates professional competence and mastery of subject matter; is conscientious and efficient in meeting commitments, observing deadlines and achieving results; is motivated by professional rather than personal concerns; shows persistence when faced with difficult problems or challenges; remains calm in stressful situations. Takes responsibility for incorporating gender perspectives and ensuring the equal participation of women and men in all areas of work.
• PLANNING & ORGANIZING: Develops clear goals that are consistent with agreed strategies; identifies priority activities and assignments; adjusts priorities as required; allocates appropriate amount of time and resources for completing work; foresees risks and allows for contingencies when planning; monitors and adjusts plans and actions as necessary; uses time efficiently.
• COMMITMENT TO CONTINUOUS LEARNING: Keeps abreast of new developments in own occupation/profession; actively seeks to develop oneself professionally and personally; contributes to the learning of colleagues and subordinates; shows willingness to learn from others; seeks feedback to learn and improve.
Advanced university degree (Master’s degree or equivalent) in computer science, information technology, telecommunications, electronics or any related field. A first-level university degree in combination with two additional years of qualifying work experience may be accepted in lieu of the advanced university degree.Work Experience
A minimum of five years of progressively responsible experience in planning, design, development, implementation and maintenance of computer information security, digital asset security or related area is required.
Experience managing technology projects and resources is required.
Experience performing digital forensic analysis is desirable.
Experience designing and implementing information security technologies across a variety of platforms is desirable.
Experience with MITRE ATT&CK framework is desirable.
Experience in log monitoring and analysis (e.g. Splunk, SolarWinds, ManageEngine, etc.) is desirable.
Experience implementing a data protection program is desirable.
Experience assessing state-actor or similar level attack capabilities, hacking tools, and surveillance capabilities is desirable.
English and French are the working languages of the United Nations Secretariat. For the position advertised, fluency in English is required. Knowledge of French is desirable.Assessment
Evaluation of qualified candidates may include an assessment exercise which will be followed by competency-based interview.Special Notice
Extension of the appointment is subject to the extension of the mandate and/or availability of funds.
At the United Nations, the paramount consideration in the recruitment and employment of staff is the necessity of securing the highest standards of efficiency, competence and integrity, with due regard to geographic diversity. All employment decisions are made on the basis of qualifications and organizational needs. The United Nations is committed to creating a diverse and inclusive environment of mutual respect. The United Nations recruits and employs staff regardless of gender identity, sexual orientation, race, religious, cultural and ethnic backgrounds or disabilities. Reasonable accommodation for applicants with disabilities may be provided to support participation in the recruitment process when requested and indicated in the application.
The United Nations Secretariat is committed to achieving 50/50 gender balance in its staff. Female candidates are strongly encouraged to apply for this position.
Pursuant to section 7.11 of ST/AI/2012/2/Rev.1, candidates recruited through the young professionals programme who have not served for a minimum of two years in the position of their initial assignment are not eligible to apply to this position.
According to article 101, paragraph 3, of the Charter of the United Nations, the paramount consideration in the employment of the staff is the necessity of securing the highest standards of efficiency, competence, and integrity. Candidates will not be considered for employment with the United Nations if they have committed violations of International Human Rights law, violations of international humanitarian law, sexual exploitation, sexual abuse, or sexual harassment, or if there are reasonable grounds to believe that they have been involved in the commission of any of these acts. The term “sexual exploitation” means any actual or attempted abuse of a position of vulnerability, differential power, or trust, for sexual purposes, including, but not limited to, profiting monetarily, socially or politically from the sexual exploitation of another. The term “sexual abuse” means the actual or threatened physical intrusion of a sexual nature, whether by force or under unequal or coercive conditions. The term “sexual harassment” means any unwelcome conduct of a sexual nature that might reasonably be expected or be perceived to cause offence or humiliation, when such conduct interferes with work, is made a condition of employment or creates an intimidating, hostile or offensive work environment, and when the gravity of the conduct warrants the termination of the perpetrator’s working relationship. Candidates who have committed crimes other than minor traffic offences may not be considered for employment.
Due regard will be paid to the importance of recruiting the staff on as wide a geographical basis as possible. The United Nations places no restrictions on the eligibility of men and women to participate in any capacity and under conditions of equality in its principal and subsidiary organs. The United Nations Secretariat is a non-smoking environment.
The paramount consideration in the appointment, transfer, or promotion of staff shall be the necessity of securing the highest standards of efficiency, competence, and integrity. By accepting an offer of appointment, United Nations staff members are subject to the authority of the Secretary-General and assignment by him or her to any activities or offices of the United Nations in accordance with staff regulation 1.2 (c). In this context, all internationally recruited staff members shall be required to move periodically to discharge new functions within or across duty stations under conditions established by the Secretary-General.
Applicants are urged to follow carefully all instructions available in the online recruitment platform, inspira. For more detailed guidance, applicants may refer to the Manual for the Applicant, which can be accessed by clicking on “Manuals” hyper-link on the upper right side of the inspira account-holder homepage.
The evaluation of applicants will be conducted on the basis of the information submitted in the application according to the evaluation criteria of the job opening and the applicable internal legislations of the United Nations including the Charter of the United Nations, resolutions of the General Assembly, the Staff Regulations and Rules, administrative issuances and guidelines. Applicants must provide complete and accurate information pertaining to their personal profile and qualifications according to the instructions provided in inspira to be considered for the current job opening. No amendment, addition, deletion, revision or modification shall be made to applications that have been submitted. Candidates under serious consideration for selection will be subject to reference checks to verify the information provided in the application.
Job openings advertised on the Careers Portal will be removed at 11:59 p.m. (New York time) on the deadline date.
THE UNITED NATIONS DOES NOT CHARGE A FEE AT ANY STAGE OF THE RECRUITMENT PROCESS (APPLICATION, INTERVIEW MEETING, PROCESSING, OR TRAINING). THE UNITED NATIONS DOES NOT CONCERN ITSELF WITH INFORMATION ON APPLICANTS’ BANK ACCOUNTS.