IT Security Engineer (P3)
Vienna
- Organization: IAEA - International Atomic Energy Agency
- Location: Vienna
- Grade: Mid level - P-3, International Professional - Internationally recruited position
-
Occupational Groups:
- Engineering
- Administrative support
- Information Technology and Computer Science
- Renewable Energy sector
- Security and Safety
- Nuclear Technology
- Closing Date: Closed
Organizational Setting
The Division of Information Technology provides support to the IAEA in the field of information and communication technology (ICT), including information systems for technical programmes and management. It is responsible for planning, developing and implementing an ICT strategy, for setting and enforcing common ICT standards throughout the Secretariat and for managing central ICT services. The IAEA's ICT infrastructure comprises state of the art hardware and software platforms in a partially decentralized environment. The Division has implemented an IT service management model based on ITIL (IT Infrastructure Library) and Prince2 (Projects in a Controlled Environment) best practices.
The Infrastructure Services Section (ISS) is responsible for administering the ICT systems and virtualization platforms, providing secure services and managing the data centre. The platforms include Microsoft Windows servers, Linux servers, data storage and transmission networks and an IBM mainframe, serving 2500 IAEA staff-members and a large user-base throughout the world. The Department of Management (MT) provides a 'platform of services' that serves as a foundation for the successful delivery of the IAEA's scientific and technical programmes. Its mission statement is as follows\: "MT is a partner and a business enabler that champions change and efficiency, leveraging a common purpose". Thus, among other support activities, it assists a scientific manager in recruiting the right expert, helps a technical officer coordinate the purchase of radiation equipment and ensures that all Board documents are translated and distributed on a timely basis to Member States.
The Division of Information Technology (MTIT) provides support to the IAEA in the field of ICT (information and communication technology), including information systems for technical programmes and management. It is responsible for planning, developing and implementing an ICT strategy, for setting and enforcing common ICT standards throughout the Secretariat and for managing central ICT services. The IAEA's ICT infrastructure comprises state of the art hardware and software platforms in a partially decentralized environment. The Division has implemented an IT service management model based on ITIL (IT Infrastructure Library) and Prince2 (Projects in a Controlled Environment) best practices.
The Infrastructure Services Section is responsible for administering the central IT servers and virtualization platforms, providing secured services and managing the data centre which are run in compliance with best practices defined by international standards, in particular ITIL and ISO 27001.
Main Purpose
The purpose of the post is to help the IAEA information and communication technology services define and create repeatable and consistent processes to strengthen IAEA information security. The IT Security Engineer participates in the development and delivery of a comprehensive IT security program for the IAEA. He/she also manages/participates in implementation of IT security projects, and the administration and verification of security controls as well as in technical investigations following possible security incidents.
Role
The IT Security Engineer is
(a) a technical specialist supporting the design and formulation of security measures, procedures and standards on all aspects of IT security;
(b) a solution provider, coordinating service delivery;
(c) a project manager/coordinator, soliciting inputs from other specialists and assisting in defining, planning and executing projects;
(d) a security incident handler, and
(e) a team member.
Functions / Key Results Expected
-
Contribute as a key player to ensuring the confidentiality, integrity and availability of information systems and data through end-to-end IT security measures and by implementing appropriate technology and processes.
-
Develop, implement and maintain vulnerability management procedures, design appropriate procedural and technical access control mechanisms, and identify and respond to IT security incidents.
-
Participate in information security risk assessment program, identify and analyse IT Security risks, make recommendations for corrective actions and monitor implementation and remediation.
-
Ensure appropriate operation of IT security systems, including the design and application of appropriate standards and operating procedures.
-
Participate in IT projects on a daily basis to ensure they produce the required results. This includes in planning, implementing, and monitoring the projects, and creating project documentation.
-
Produce high-quality oral and written reports, presenting complex technical matters clearly and concisely.
-
Maintain proficiency in industry standard tools and practices and in IAEA policies and procedures.
Competencies and Expertise
Core Competencies
| Name | Definition |
|---|---|
| Planning and Organizing |
Plans and organizes his/her own work in support of achieving the team or Sectionâs priorities. Takes into account potential changes and proposes contingency plans. |
| Communication |
Communicates orally and in writing in a clear, concise and impartial manner. Takes time to listen to and understand the perspectives of others and proposes solutions. |
| Achieving Results |
Takes initiative in defining realistic outputs and clarifying roles, responsibilities and expected results in the context of the Department/Divisionâs programme. Evaluates his/her results realistically, drawing conclusions from lessons learned. |
| Teamwork |
Actively contributes to achieving team results. Supports team decisions. |
Functional Competencies
| Name | Definition |
|---|---|
| Change Management |
Adapts to changing circumstances, including emergencies and other unexpected situations. |
| Analytical thinking |
Analyses information to identify cause and effect relationships and correlations. Identifies critical elements and assesses consequences of different courses of action and proposes solutions. |
| Client orientation |
Helps clients to analyse their needs. Seeks to understand service needs from the clientâs perspective and ensure that the clientâs standards are met. |
Required Expertise
| Function | Name | Expertise Description |
|---|---|---|
| Information Technology | IT Security |
Experience in design and architecture of IT security systems; |
| Information Technology | Information Security and Risk Management |
Experience in assessing information security risks and provide technical solutions to mitigate the identified risks; |
| Information Technology | Project Management |
Experience in IT project management using the established project management methodology; |
Qualifications, Experience and Language skills
-
University degree in computer Science, Information Management, IT Security or a related field;
-
Internationally recognised information or IT security relevant certification, such as CISSP, CISM, CISA or GIAC;
-
Accredited certification in Project Management, such as PMP or Prince2, is an asset;
-
Minimum of five years of professional experience in managing IT security programs in an IT enterprise environment.
-
Experience working in an IT enterprise environment including using vulnerability management and change management processes.
-
Experience in IT security infrastructure systems providing protection and detection measures, vulnerability management, event monitoring, incident response, secure system design and architecture.
-
Experience in creating technical documentation.
-
Excellent oral and written command of English. Knowledge of other official IAEA languages (Arabic, Chinese, French, Russian and Spanish) is an asset.
Remuneration
The IAEA offers an attractive remuneration package including a tax-free annual net base salary starting at US $58583 (subject to mandatory deductions for pension contributions and health insurance), a variable post adjustment which currently amounts to US $ 28120, dependency benefits, rental subsidy, education grant, relocation and repatriation expenses; 6 weeks' annual vacation, home leave, pension plan and health insurance
-------------------------------------------------------------------------------------------------------------------------------------------------------------
Applications from qualified women and candidates from developing countries are encouraged
Applicants should be aware that IAEA staff members are international civil servants and may not accept instructions from any other authority. The IAEA is committed to applying the highest ethical standards in carrying out its mandate. As part of the United Nations common system, the IAEA subscribes to the following core ethical standards (or values)\: Integrity, Professionalism and Respect for diversity. Staff members may be assigned to any location. The IAEA retains the discretion not to make any appointment to this vacancy, to make an appointment at a lower grade or with a different contract type, or to make an appointment with a modified job description or for shorter duration than indicated above. Testing may be part of the recruitment process
-------------------------------------------------------------------------------------------------------------------------------------------------------------
However, we have found similar vacancies for you:
Assistant Shop Manager
Senior Access and Security Officer – National Position
Un.e Chargé.e d’appui administratif et financier des projets Eau Assainissement et Hygiène
Senior Associate, District Health Systems Strengthening Short Term
VAC-11610 Hart - Close Protection Officer and Team Leader (EOI)
