INFORMATION SYSTEMS OFFICER

Org. Setting and Reporting

The UNJSPF is an inter-agency body established by the United Nations General Assembly in 1949. The Pension Fund pays benefits in 17 currencies to more than 70,000 beneficiaries who reside in 190 countries, and services more than 130,000 participants who work in the 25 Member Organizations of the Pension Fund.

This position is located in the United Nations Joint Staff Pension Fund, Pension Administration, Information Management Systems Service, Information Security Unit.

The mandate of this team is to protect UNJSPF data and systems from unlawful and malicious acts by unknown sources, through a combination of policy development and enforcement, corrective actions, security projects and monitoring of staff and systems used to transport and store UNJSPF data.

The incumbent will report to the Information Security Officer.

Responsibilities

Within limits of delegated authority, the Information Security Officer is responsible for the following duties:
• Participates in the review and development of information security policies, and related standards and guidelines.
• Coordinates the implementation of local information security policies. Ensures promotion and enforcement of these policies.
• Manages projects involving feasibility studies, systems analysis, design, development and implementation of new, moderately complex systems, and/or, participates as a member of a development team with responsibility for major components of the more complex systems.
• Develops detailed system and other functional specifications and user documentation for major systems.
• Provides leadership, vision, and direction on information security to the IMSS' staff and Senior Management. Oversees and coordinates all aspects of alignment of the IMSS' Information Security Management System (ISMS) with ISO 27001.
• Develops and maintains the information security management system, including information risks across the Organization. Establishes an information security and risk management functional capability and framework across the organization. Establishes processes to respond in a timely and proactive manner to significant information security breaches.
• Conducts information security risk assessments across the enterprise at suitable intervals. Ensures that key risk issues are understood, communicated, and tracked as required. Regularly verifies that required information security and risk controls are in place, raising findings as noncompliance is found and driving improvement.
• Monitors, manages, and deploys security controls as appropriate to support business needs while minimizing risk. Oversees the close management and analysis of security information and events.
• Develops training materials, operating and user manuals; trains staff in assigned systems.
• Develops disaster recovery plans and ensures appropriate planning and training of those responsible.
• Researches, analyzes and evaluates new technologies and makes recommendations for their deployment.
• Participates in writing reports and papers on systems-related topics, system requirements, information strategy, etc.
agreements with vendors and chargeback policy for users.
• Provides expert advice on the security architecture and configuration of complex systems.
• Provides guidance to, and may supervise, new/junior staff, consultants, etc.

Competencies

• PROFESSIONALISM: Knowledge of information technology/information management, particularly in systems analysis, database design and programming. Knowledge of several high level programming languages and significant exposure to and demonstrated proficiency in all aspects of programming and analysis, including structured/object-oriented design, relational systems, scripting and query languages, document design and management, hardware and software requirements, systems facilities and execution protocols. Strong analytical and problem-solving skills, to include proficiency in the development and implementation of systems of moderate size/complexity. Knowledge of interactive systems; good knowledge of organization’s information infrastructure and IT strategy as it relates to user area(s); independently maintains assigned systems and develops innovative approaches to resolve a wide range of issues/problems. Shows pride in work and in achievements; demonstrates professional competence and mastery of subject matter; is conscientious and efficient in meeting commitments, observing deadlines and achieving results; is motivated by professional rather than personal concerns; shows persistence when faced with difficult problems or challenges; remains calm in stressful situations. Takes responsibility for incorporating gender perspectives and ensuring the equal participation of women and men in all areas of work.

• TEAMWORK: Works collaboratively with colleagues to achieve organizational goals; solicits input by genuinely valuing others’ ideas and expertise; is willing to learn from others; places team agenda before personal agenda; supports and acts in accordance with final group decision, even when such decisions may not entirely reflect own position; shares credit for team accomplishments and accepts joint responsibility for team shortcomings.

• PLANNING & ORGANIZING: Develops clear goals that are consistent with agreed strategies; identifies priority activities and assignments; adjusts priorities as required; allocates appropriate amount of time and resources for completing work; foresees risks and allows for contingencies when planning; monitors and adjusts plans and actions as necessary; uses time efficiently.

Education

Advanced university degree (Master's degree or equivalent degree) in computer science, information systems, mathematics, statistics or related field. A first-level university degree in combination with two additional years of qualifying experience may be accepted in lieu of the advanced university degree. Formal professional certification in information systems security, such as CISM, CISSP or equivalent is required. Formal professional certification in project management methodology (such as Prince2) and in ITIL or equivalent is desirable.is desirable.

Work Experience

A minimum of five years of progressively responsible experience in planning, design,
development, implementation and maintenance of computer information systems or related
area and experience in managing IT projects and resources is required.

Experience in information security architecture and in implementing an information security
program is desirable.

Languages

English and French are the working languages of the UN Secretariat. For the post advertised, fluency in oral and written English is required. Knowledge of another official United Nations language is desirable.

Assessment

Evaluation of qualified candidates may include an assessment exercise which may be followed by competency-based interview.

Special Notice

The applicable human resources procedures are governed by a Memorandum of Understanding (MoU) between the Fund and the UN Secretariat. Any candidate from a member organization of the UNJSPF applying for these posts is considered as an internal candidate provided he/she has been appointed through the appointment and promotion procedures applicable in his/her respective organization. Staff members are subject to the authority of the Secretary- General and to assignment by him or her. In this context, all staff are expected to move periodically to new functions in their careers in accordance with established rules and procedures.

The UNJSPF is committed to achieving 50/50 gender balance in its staff. Female candidates are strongly encouraged to apply for this position.

United Nations Considerations

According to article 101, paragraph 3, of the Charter of the United Nations, the paramount consideration in the employment of the staff is the necessity of securing the highest standards of efficiency, competence, and integrity. Candidates will not be considered for employment with the United Nations if they have committed violations of international human rights law, violations of international humanitarian law, sexual exploitation, sexual abuse, or sexual harassment, or if there are reasonable grounds to believe that they have been involved in the commission of any of these acts. The term “sexual exploitation” means any actual or attempted abuse of a position of vulnerability, differential power, or trust, for sexual purposes, including, but not limited to, profiting monetarily, socially or politically from the sexual exploitation of another. The term “sexual abuse” means the actual or threatened physical intrusion of a sexual nature, whether by force or under unequal or coercive conditions. The term “sexual harassment” means any unwelcome conduct of a sexual nature that might reasonably be expected or be perceived to cause offence or humiliation, when such conduct interferes with work, is made a condition of employment or creates an intimidating, hostile or offensive work environment, and when the gravity of the conduct warrants the termination of the perpetrator’s working relationship. Candidates who have committed crimes other than minor traffic offences may not be considered for employment.

Due regard will be paid to the importance of recruiting the staff on as wide a geographical basis as possible. The United Nations places no restrictions on the eligibility of men and women to participate in any capacity and under conditions of equality in its principal and subsidiary organs. The United Nations Secretariat is a non-smoking environment.

The paramount consideration in the appointment, transfer, or promotion of staff shall be the necessity of securing the highest standards of efficiency, competence, and integrity. By accepting an offer of appointment, United Nations staff members are subject to the authority of the Secretary-General and assignment by him or her to any activities or offices of the United Nations in accordance with staff regulation 1.2 (c). In this context, all internationally recruited staff members shall be required to move periodically to discharge new functions within or across duty stations under conditions established by the Secretary-General.

Applicants are urged to follow carefully all instructions available in the online recruitment platform, inspira. For more detailed guidance, applicants may refer to the Manual for the Applicant, which can be accessed by clicking on “Manuals” hyper-link on the upper right side of the inspira account-holder homepage.

The evaluation of applicants will be conducted on the basis of the information submitted in the application according to the evaluation criteria of the job opening and the applicable internal legislations of the United Nations including the Charter of the United Nations, resolutions of the General Assembly, the Staff Regulations and Rules, administrative issuances and guidelines. Applicants must provide complete and accurate information pertaining to their personal profile and qualifications according to the instructions provided in inspira to be considered for the current job opening. No amendment, addition, deletion, revision or modification shall be made to applications that have been submitted. Candidates under serious consideration for selection will be subject to reference checks to verify the information provided in the application.

Job openings advertised on the Careers Portal will be removed at 11:59 p.m. (New York time) on the deadline date.

No Fee

THE UNITED NATIONS DOES NOT CHARGE A FEE AT ANY STAGE OF THE RECRUITMENT PROCESS (APPLICATION, INTERVIEW MEETING, PROCESSING, OR TRAINING). THE UNITED NATIONS DOES NOT CONCERN ITSELF WITH INFORMATION ON APPLICANTS’ BANK ACCOUNTS.