|Vacancy Notice Number||ICC-19-VAL-677|
|Position Title||Cyber Security Administrator|
|Position Type||Fixed Term|
|Number of Positions||1|
|Date of Issue||18/12/2019|
|Date of Closing||2/02/2020|
|Annual Salary Estimation||EUR 38,414 (net, single rate)|
|Duty Station||Valencia, Spain|
|Organizational Location/Unit||Cyber Security Section|
Purpose of the Position:
The Cyber Security Administrator will provide support to the Cyber Security Section in Governance related activities.
Main duties and responsibilities:
Under the direct supervision of Lead, Cyber security governance and in close collaboration with the Cyber Security team members the incumbent will be required to:
Under close supervision of Information Security Specialist, the post holder will more specifically:
- Under guidance, support the development, implementation and monitoring of the cyber security roadmap and IT risk management programmes to ensure that the integrity, confidentiality and availability of information is managed and controlled by client organizations
- Support the colleagues in the Cyber Security Governance team building regular reporting/dashboards on the current status of the cyber security programme to senior management and business units as part of a strategic enterprise risk management programme
- Create, communicate and implement the process for risk management, including the assessment and treatment of identified risks. Work directly with business units and stakeholders throughout the organization on identifying acceptable levels of residual risk. Report and oversee treatment efforts
- Help raise cyber security and risk management awareness for all employees, contractors and approved system users.
- Contribute to the development, maintenance and publication of up-to-date cyber security policies, standards and guidelines
- Participate in the provision of risk guidance for IT projects.
- Provide active support during security incidents and events that affect corporate IT assets, including intellectual property, sensitive data and the organization’s reputation
- Provide direction, support and in-house consulting in effective disaster recovery policies and standards. Coordinate the development of implementation plans and procedures to ensure that business-critical services are recovered in the event of a security event
- Provide other ad hoc support either within CPI or other units as required – this includes the participation in special projects or support to service delivery for short period of time on a part-time or full-time basis upon request from the senior management
Experience and Skills required:
- Minimum of five years’ experience in cyber security, risk management, or IT-Security or security incident response or security testing related jobs
- Experience in contributing to the development of cyber security policies and procedures
- Experience in medium/complex size projects
- Knowledge of common cyber security management frameworks, such as ISO/IEC 27001, ITIL, COBIT, etc
- Ability to understand technical and business aspects of IT risk, and to communicate those risks to business and technical units so that the organization can make informed decisions regarding appropriate levels of cyber security control
- Strong analytical and problem-solving skills
- Ability to act calmly and competently in high-pressure, high-stress situations
- Excellent written and verbal communication skills, interpersonal and collaborative skills
- High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity
- High degree of initiative, dependability and ability to work with little supervision
- Experience in implementing cyber security controls to achieve compliance with ISO 27001 and other cyber security control frameworks
- Experience in achieving and maintaining ISO 27001 certification
- 1 year experience working in security consulting engagements
- Project management skills and ability to manage multiple projects under strict timelines
- Graduation from secondary school supplemented by specialized training in Cyber security/IT Security
- Certifications like CISSP, CISA, CCSP will be an asset
- Expert knowledge of English is required
- Knowledge of another UN language is desirable
ICC Global Competencies:
- Fostering integration and teamwork: Develops and promotes effective relationships with colleagues and team members. Deals constructively with conflicts.
- Respecting and promoting individual and cultural differences: Demonstrates the ability to work constructively with people of all backgrounds and orientations. Respects differences and ensures that all can contribute.
- Communicating in a credible and effective way: Expresses oneself clearly in conversations and interactions with others; listens actively. Produces effective written communications. Ensures that information is shared.
- Knowing and managing yourself: Manages ambiguity and pressure in a self-reflective way. Uses criticism as a development opportunity. Seeks opportunities for continuous learning and professional growth.
This position is subject to local recruitment pursuant to staff rule 4.4 of the United Nations Staff Rules. All staff in the General Service and related categories shall be recruited in the country or within commuting distance of each office, irrespective of their nationality and of the length of time they may have been in the country. A staff member subject to local recruitment shall not be eligible for the allowances or benefits exclusively applicable to international recruitment.
Annual Salary Estimation (net of tax at single rate): EUR 38,414.
UNICC also offers generous leave and absence allowances, flexible working hours, overtime compensation, teleworking, access to training, and depending on eligibility other benefits such as relocation grant, dependency allowance, language allowance, or education grant.
Closing date for applications:
Applications will be accepted until midnight (Geneva Time) on 2 February 2020.
- Technical and/or personality tests may be carried out as part of the selection process
- Only short-listed candidates will be contacted
- Though you may not be selected for this advertised position, the ICC will keep your application in a roster if your profile is deemed to be of potential interest for the Centre. You may thus be solicited by our HR department to participate in an interview for another position
Applications from women are particularly encouraged for this vacancy