Senior ICT Officer (GRC)

Grade: P4

Deadline for Applications:17 September 2015 (Midnight Geneva time)

The position of Senior ICT Officer (Governance, Risks and Controls) reports to and is located within the office of the CIO and Director. The position is key to the ability of DIST to fulfil its mission to provide effective and efficient ICT services as the functionary plays the key role in ensuring that DIST maintains a comprehensive view of the IT control and compliance environment, as well as minimizing exposure to unwanted risks. In addition, the functionary is responsible for the collection of evidence to demonstrate operational effectiveness of processes and controls. S/he also has regular interaction with the Chief ICT Security Officer, all colleagues across DIST, and with internal and external audit entities as well as being the focal point for Enterprise Risk Management. The Senior ICT Officer will also advise ICT and business executives on the status of technology risk and compliance issues based on assessment results and information from various monitoring and control systems and educate on appropriate mitigation strategies and approaches.

RESPONSIBILITIES

§ Liaise with internal and external audits and work with the various ICT functions to ensure compliance with all internal and external audit requirements and assist with developing control deficiency remediation plans.

§ Facilitating risk assessments, creating and maintaining risk register and risk reporting for Enterprise Risk Management Unit.

§ Prepare and conduct ICT audit, governance, risk and compliance related briefings and meetings for executive management.

§ Monitor external standards and risk/control trends to determine if internal ICT practices are contemporary with industry, regulatory and/or customer expectations.

§ Ensure ICT management and staff are aware of responsibilities related to internal and external ICT audits, audit observations/deficiencies responses, and corrective action ownership.

§ Develop and maintain set of ICT policies/standards/guidelines designed to establish controls to address risks, and operate ICT effectively and efficiently.

§ Oversee ICT general control self-testing program, assisting management in the development of a risk-based testing program and review of control self-tests.

§ Oversee corrective action verification program and report on ICT progress with remediating control deficiencies.

§ Coordinate communications related to ICT Governance, Risks, and Controls.

§ Provides oversight regarding audit regulatory and risk management activities across DIST functional areas.

QUALIFICATIONS

§ At least 10 years of experience in Information Technology with at least 7 years recent experience in implementing, managing, reviewing and improving internal controls for governance, compliance and quality, or assurance and risk management programmes and in drafting ICT policies.

§ Advance University degree in ICT or related field.

§ Comprehensive knowledge of audit/risk assessment techniques and principles, IT governance practices, and IT general application controls.

§ Experience in business process optimization within IT organizations.

§ Demonstrated ability to multi-task and maintain effectiveness when priorities and/or objectives change.

§ Skills in audit methodologies, especially within IT environments, and related governance and quality standards, such as ISA, ISO9000, ISAE 3402, COBIT, etc.

§ Exceptional business communication and interpersonal skills including the ability to interact effectively with individuals and groups at all levels of the organization.

§ Experience and working knowledge of ITIL processes. Fluency in written and spoken English

To Apply and Read a Detailed Job Description, Please Visit: http://bit.ly/Careers_UNHCR