Junior Information Security Consultant

WFP seeks candidates of the highest integrity and professionalism who share our humanitarian principles

Selection of staff is made on a competitive basis, and we are committed to promoting diversity and gender balance

The United Nations World Food Programme (WFP) is the world's largest humanitarian agency, fighting hunger worldwide. We are seeking to fill a consultancy position of Information Security Consultant based at our Headquarters in Rome, Italy.

The Technology Division (TEC, formerly known as IT) is the digital business engine of the World Food Programme, providing the business with multi-pronged and resilient technical capabilities able to respond with the immediate agility required in conflict zones on the one hand and with the longer-term stability to cope natural disasters on the other.

Under the general supervision of the Chief TECI and the direct supervision of Head of Policy & Compliance, the incumbent will assist the team with day-to-day cyber security consulting, documentation, and architecture review.  The incumbent will generally support ongoing activities of TECI including but not limited to data protection, policy development, platform architecture review and consulting for security. Overall, the incumbent shall ensure the Organization always relies upon appropriate risk-based solutions over the personal data and beneficiary data processed in IT workflows

Accountabilities/Responsibilities:

• Assist with the design, implementation and maintenance of Data Protection procedures and services, aimed at protecting IT systems and Personal Identity Information of beneficiaries, staff and partners  
• Perform risk and vulnerability assessments of the relevant infrastructure   components, systems and technologies in use. Coordinate activities related to system vulnerability and penetration testing.
• Identify and evaluate tools and/or services needed to establish regular vulnerability and penetration testing of WFP infrastructure and software solutions
• Develop and maintain new security standards, procedures and guidelines to help raise current corporate security maturity level – and in close collaboration with the Architecture branch, perform regular baseline and hardening reviews of WFP security solutions and technology
• Assist in determining and maintaining an inventory of regulatory, commercial and organizational technology compliance requirements, identifying the associated IT compliance control gaps and overseeing/reporting on the implementation of the IT compliance control portfolio
• Provide guidance to software developers across the institution to:
  • Properly classify data
  • Protect data as appropriate for classification, including collection, in transit, at rest, and for destruction
  • Understand and apply secure software development lifecycle principles
• Advise legal and other divisions to understand potential technology scope and implications with contracts
• Become Subject Matter Expert (SME) on platforms and applications for which consultant is assigned to review
• Represent TECI with OIG activities within the above noted scope, as necessary
• Advise institution on other risk and data classification concerns
• Collaborate with other members of TECI to produce CyberBytes once every two months
• Support TECI in documentation activities, including but not limited to policy development, deliverables, outreach, etc.
• Act as an IT Security subject matter expert and perform other security related duties as required.

Qualifications & Experience Required

Education:

• University degree in the field of Computer Science/Engineering or related STEM disciplines; OR from another discipline combined with relevant working experience

Experience:

• At least 2 years of relevant work experience

Technical Skills & Knowledge:

• Sound IT Security skills or secure SDLC principles, with both academic background and practical hands-on experience
• Solid IT Networking and OS skills
• Experience in multinational organizations
• Desirable: IT Security and IT Audit certifications

Language:

• Fluency in oral and written English. Intermediate knowledge of another official UN language (Arabic, Chinese, French, Russian and Spanish) or Portuguese (one of WFP’s working languages) is desirable.

Terms and Conditions:

WFP offers a competitive compensation package which will be determined by the contract type and selected candidate’s qualifications and experience.

Please visit the following websites for detailed information on working with WFP.

http://www.wfp.org Click on: “Our work” and “Countries” to learn more about WFP’s operations.

Deadline for applications: 4 June 2020 at 11:59pm Rome time

REF: 122298

Qualified female applicants and qualified applicants from developing countries are especially encouraged to apply.

WFP has zero tolerance for discrimination and does not discriminate on the basis of HIV/AIDS status.

No appointment under any kind of contract will be offered to members of the UN Advisory Committee on Administrative and Budgetary Questions (ACABQ), International Civil Service Commission (ICSC), FAO Finance Committee, WFP External Auditor, WFP Audit Committee, Joint Inspection Unit (JIU) and other similar bodies within the United Nations system with oversight responsibilities over WFP, both during their service and within three years of ceasing that service.

Fighting Hunger Worldwide

www.wfp.org