Senior Information Systems Officer

Org. Setting and Reporting

This position is located in the Cybersecurity Service (CSS) in the Office of Information and Communications Technology (OICT). The CSS provides oversight and services for information security for the United Nations Secretariat globally. The incumbent reports to the Chief of the Cybersecurity Service.

The Office of Information and Communications Technology (OICT) is leading the digital transformation of the Organization to enable a better, safer, more sustainable future through secure, reliable, and innovative technology solutions. OICT is committed to achieving 50/50 gender balance and geographical diversity in its staff, and female candidates are strongly encouraged to apply for this position. OICT supports the principles of work-life balance and flexible work arrangements.

Responsibilities

Within delegated authority, the Senior Information Systems Officer (Information Security) will be responsible for the implementation of the information security program:

• Conceptualizes, develops strategy for and oversees the design and implementation of major systems initiatives in the area of information security; manages/oversees multiple, concurrent and often disparate tasks for projects that often involve innovative applications, dissimilar systems, as well as databases and highly complex system integration and linkages. Identifies information security goals, objective and metrics and establishes direction for the Secretariat-wide vision for information security issues, policies, standards, priorities and projects.
• Provides authoritative technical and policy advice to senior managers on the development of secure and reliable systems in a changing business environment as well as the implications of various alternatives, on business applications and other related issues; identifies and plans for future needs; develops and disseminates best practices. Monitors information security trends globally and collaborates with peers in UN-system organizations, member states, and the private sector on information security related initiatives; develops effective Secretariat-wide communication systems to quickly disseminate information and solutions to manage potential threats and mitigate risk.
• Leads and directs a team of information systems officers; plans and oversees the management of activities for (a) the threat and incident management unit, (b) the vulnerability management unit and (c) the security architecture unit; plans and manages work assignments; coaches, mentors, and evaluates staff; participates in the recruitment and selection of new staff and in the development of training programs.
• Manages the procurement process, including conducting needs assessments and benchmarks, preparing bid documents and arranging contracts; supervises, coordinates and negotiates the services required to enable the management and operation of interdependent administrative, financial, human resources and other information systems.
• Develops and monitors performance measures; ensures that projects meet established time and cost parameters and standards of technical quality; contributes to the review of proposed information and communications technology (ICT) projects to ensure their alignment with Secretariat-wide standards and architecture frameworks.
• Prepares and monitors the budget, work program, and spending plan of the Service.
• Develops innovative solutions to resolve intricate problems that impact a critical area of the organization’s work.
• Ensures the development of standards, procedures and practices to guarantee a stable and effective systems environment; develops documents and maintains and oversees a related compliance programme for ICT Policies and Procedures in the Information Security field.
• Supervises the development of security awareness and training programs.

Competencies

• Professionalism: Knowledge of the field of information security; Demonstrated advanced technical and broad knowledge of (a) threat and incident management, (b) vulnerability management and (c) security architecture for both traditional and cloud based ICT solutions; Ability to integrate knowledge with broader strategic, policy and operational objectives. Ability to advise senior management on information security matters, including the establishment of related standards, policies and procedures; Ability to improve processes and approaches; demonstrates adaptability to changing priorities. Knowledge of the organization’s information infrastructure and ICT strategy; strong negotiating skills and ability to influence others to reach agreement on difficult issues. Shows pride in work and in achievements; demonstrates professional competence and mastery of subject matter; is conscientious and efficient in meeting commitments, observing deadlines and achieving results; is motivated by professional rather than personal concerns; shows persistence when faced with difficult problems or challenges; remains calm in stressful situations.

• Accountability: Takes ownership of all responsibilities and honours commitments; delivers outputs for which one has responsibility within prescribed time, cost and quality standards; operates in compliance with organizational regulations and rules; supports subordinates, provides oversight and takes responsibility for delegated assignments; takes personal responsibility for his/her own shortcomings and those of the work unit, where applicable.

• Technological Awareness: Keeps abreast of available technology; understands applicability and limitation of technology to the work of the office; actively seeks to apply technology to appropriate tasks; shows willingness to learn new technology.

• Leadership: Serves as a role model that other people want to follow; empowers others to translate vision into results; is proactive in developing strategies to accomplish objectives; establishes and maintains relationships with a broad range of people to understand needs and gain support; anticipates and resolves conflicts by pursuing mutually agreeable solutions; drives for change and improvements; does not accept the status quo; shows the courage to take unpopular stands. Provides leadership and takes responsibility for incorporating gender perspectives and ensuring the equal participation of women and men in all areas of work; demonstrates knowledge of strategies and commitment to the goal of gender balance in staffing.

• Judgement/Decision-making: Identifies the key issues in a complex situation, and comes to the heart of the problem quickly; gathers relevant information before making a decision; considers positive and negative impacts of decisions prior to making them; takes decisions with an eye to the impact on others and on the Organization; proposes a course of action or makes a recommendation based on all available information; checks assumptions against facts; determines the actions proposed will satisfy the expressed and underlying needs for the decision; makes tough decisions when necessary.

Education

An Advanced university degree (Master’s degree or equivalent degree) in computer science, information systems, or related field. A first-level university degree in combination with two additional years of qualifying experience may be accepted in lieu of the advanced university degree.

Job - Specific Qualification

• Senior level professional certification in information security such as CISSP (Certified Information Systems Security Professional) is required.

Work Experience

• A minimum of ten years of progressively responsible experience in managing and implementing a global information security programme is required.

• Experience in performing or supervising information security assessments is required.

• Experience in the planned deployment and operation of technical threat hunting solutions is required.

• Experience in providing technical advice on the design of highly secure information technology solutions including with respect to cryptographic controls and integrated authentication solutions is desirable.

• Experience in coordinating working groups and providing policy advice and guidance on information security risk management is desirable.

• Experience with ISO27000, ITIL and CCM (Cloud Controls Matrix) frameworks is desirable.

Languages

English and French are the working languages of the United Nations Secretariat. For the position advertised, fluency in English is required. Knowledge of another official UN language is is desirable.

Assessment

Evaluation of qualified candidates may include an assessment exercise which may be followed by a competency-based interview.

Special Notice

• Staff members are subject to the authority of the Secretary-General and to assignment by him or her. In this context, all staff are expected to move periodically to new functions in their careers in accordance with established rules and procedures.

• The United Nations Secretariat is committed to achieving 50/50 gender balance and geographical diversity in its staff. Female candidates are strongly encouraged to apply for this position.

• Staff members of the United Nations Secretariat must fulfill the lateral move requirements to be eligible to apply for this vacancy. Staff members are requested to indicate all qualifying lateral moves in their Personal History Profile (PHP) and cover letter.

• At the United Nations, the paramount consideration in the recruitment and employment of staff is the necessity of securing the highest standards of efficiency, competence and integrity, with due regard to geographic diversity. All employment decisions are made on the basis of qualifications and organizational needs. The United Nations is committed to creating a diverse and inclusive environment of mutual respect. The United Nations recruits and employs staff regardless of gender identity, sexual orientation, race, religious, cultural and ethnic backgrounds or disabilities. Reasonable accommodation for applicants with disabilities may be provided to support participation in the recruitment process when requested and indicated in the application.

• For this position, applicants from the following Member States, which are unrepresented or underrepresented in the UN Secretariat as of 30 September 2022, are strongly encouraged to apply: Afghanistan, Andorra, Angola, Antigua and Barbuda, Bahrain, Belize, Brunei Darussalam, Cabo Verde, Central African Republic, Chad, China, Comoros, Cuba, Democratic People's Republic of Korea, Djibouti, Dominica, Equatorial Guinea, Gabon, Grenada, Guinea-Bissau, Haiti, Israel, Japan, Kiribati, Kuwait, Lao People's Democratic Republic, Lesotho, Liberia, Libya, Liechtenstein, Malta, Marshall Islands, Federated States of Micronesia, Monaco, Mozambique, Namibia, Nauru, Norway, Oman, Palau, Panama, Papua New Guinea, Paraguay, Qatar, Republic of Korea, Saint Lucia, Saint Vincent and the Grenadines, Samoa, San Marino, Sao Tome and Principe, Saudi Arabia, Slovenia Solomon Islands, South Sudan, Timor-Leste, Turkmenistan, Tuvalu, United Arab Emirates, United States of America, Vanuatu.

United Nations Considerations

According to article 101, paragraph 3, of the Charter of the United Nations, the paramount consideration in the employment of the staff is the necessity of securing the highest standards of efficiency, competence, and integrity. Candidates will not be considered for employment with the United Nations if they have committed violations of international human rights law, violations of international humanitarian law, sexual exploitation, sexual abuse, or sexual harassment, or if there are reasonable grounds to believe that they have been involved in the commission of any of these acts. The term “sexual exploitation” means any actual or attempted abuse of a position of vulnerability, differential power, or trust, for sexual purposes, including, but not limited to, profiting monetarily, socially or politically from the sexual exploitation of another. The term “sexual abuse” means the actual or threatened physical intrusion of a sexual nature, whether by force or under unequal or coercive conditions. The term “sexual harassment” means any unwelcome conduct of a sexual nature that might reasonably be expected or be perceived to cause offence or humiliation, when such conduct interferes with work, is made a condition of employment or creates an intimidating, hostile or offensive work environment, and when the gravity of the conduct warrants the termination of the perpetrator’s working relationship. Candidates who have committed crimes other than minor traffic offences may not be considered for employment.

Due regard will be paid to the importance of recruiting the staff on as wide a geographical basis as possible. The United Nations places no restrictions on the eligibility of men and women to participate in any capacity and under conditions of equality in its principal and subsidiary organs. The United Nations Secretariat is a non-smoking environment.

The paramount consideration in the appointment, transfer, or promotion of staff shall be the necessity of securing the highest standards of efficiency, competence, and integrity. By accepting an offer of appointment, United Nations staff members are subject to the authority of the Secretary-General and assignment by him or her to any activities or offices of the United Nations in accordance with staff regulation 1.2 (c). In this context, all internationally recruited staff members shall be required to move periodically to discharge new functions within or across duty stations under conditions established by the Secretary-General.

Applicants are urged to follow carefully all instructions available in the online recruitment platform, inspira. For more detailed guidance, applicants may refer to the Manual for the Applicant, which can be accessed by clicking on “Manuals” hyper-link on the upper right side of the inspira account-holder homepage.

The evaluation of applicants will be conducted on the basis of the information submitted in the application according to the evaluation criteria of the job opening and the applicable internal legislations of the United Nations including the Charter of the United Nations, resolutions of the General Assembly, the Staff Regulations and Rules, administrative issuances and guidelines. Applicants must provide complete and accurate information pertaining to their personal profile and qualifications according to the instructions provided in inspira to be considered for the current job opening. No amendment, addition, deletion, revision or modification shall be made to applications that have been submitted. Candidates under serious consideration for selection will be subject to reference checks to verify the information provided in the application.

Job openings advertised on the Careers Portal will be removed at 11:59 p.m. (New York time) on the deadline date.

No Fee

THE UNITED NATIONS DOES NOT CHARGE A FEE AT ANY STAGE OF THE RECRUITMENT PROCESS (APPLICATION, INTERVIEW MEETING, PROCESSING, OR TRAINING). THE UNITED NATIONS DOES NOT CONCERN ITSELF WITH INFORMATION ON APPLICANTS’ BANK ACCOUNTS.