Digital Security Assistant

OVERVIEW

Post Number : DBS 151

Grade : G-5

Parent Sector : Bureau for Digital Business Solutions (DBS)

Duty Station: Paris

Job Family: Computer Sciences / Information Technologies

Type of contract : Fixed Term

Duration of contract : 2 years (Expected entry on duty on 01/01/2024)

Recruitment open to : Internal and external candidates

Application Deadline (Midnight Paris Time) : 16-JUN-2023

 

UNESCO Core Values: Commitment to the Organization, Integrity, Respect for Diversity, Professionalism

 

 

Applicants must be entitled to live and work in France. 

 

 

OVERVIEW OF THE FUNCTIONS OF THE POST

 

The post is located within the Bureau of Digital Business Solution (DBS), Digital Security, Archives and Digital Assets Section (SAA), Digital Security Team (DSE). Under the overall authority of the Chief Information and Technology Officer (CITO) and under the direct supervision and guidance of the Senior Cybersecurity and Digital Assets manager (CISO), the incumbent will be part of a small team with multiple functions and with daily working relations across the Secretariat. 

In accordance with the general policies, rules and guidelines of UNESCO, the incumbent is responsible for implementing cybersecurity human risk management and compliance activities, including (1) organization-wide and targeted security awareness training, (2) reporting and coordinating the phishing campaign simulations, and (3) coordination and communication aspects of the vulnerability management program.

 

Major Activities, Nature of the work

Main responsibilities include:

• Under the supervision of the CISO, identify the needs, deploy, and supervise the delivery of security awareness trainings for all UNESCO employees to promote a culture of security within the organization. Provide management with metrics and report to measure training impact and organizational compliance.
• Coordinate phishing simulation campaigns to test and improve the organization's defenses against phishing attack. Ensure coordination with third party vendors. Contribute to the creation of original campaigned contextualized and adapted to the organization. Provide periodic metrics and reporting to the management.
• Assist the CISO in managing communication with governance bodies, including security committees and working groups, follow up with audit recommendations.
• Maintain security reporting and metrics to measure the effectiveness of security programs and to identify areas for improvement. Assist the CISO in documenting and preparing presentations to management, sectors and programs, and field offices; supports the communication with governance bodies and maintains the audit recommendations register.
• Support the Vulnerabilities Management program: ensure the asset inventory is kept up-to-date, document the remediation plan and liaise with partners and project owners, document response and prepare monthly report for CISO and management.
• Help the CISO in the production of regular and ad-hoc security reports and metrics, and support the communication with governance bodies and maintain the audit recommendation register.
• Additional activities that may be required to ensure the success of the work team.

 

The Digital Security Assistant is expected to:

• Do researches on the activities (particularly phishing and training) to come up with creative and realistic scenarios/ideas.
• Work autonomously on recurring program delivery, under the supervision of the CISO and with the assistance of the Digital Security Team.
• Play a key role in promoting awareness and education to mitigate this risk, joining the organization's high priority on cybersecurity strategy.
• Have a strong team spirit, capability of knowledge sharing and flexibility are essential requirements for the implementation of the functions of the post.

 

COMPETENCIES (Core / Managerial) Accountability (C) Communication (C) Planning and organizing (C) Results focus (C) Teamwork (C) Professionalism (C) Knowledge sharing and continuous improvement (C) - For detailed information, please consult the UNESCO Competency Framework. REQUIRED QUALIFICATIONS

 

Education

•  Completed secondary, technical and/or vocational education in the field of IT.

 

Work Experience

• Five (5) years of work experience in the field of digital security, or higher education degree Bachelor in the field of digital security.

 

Skills and competencies 

• Utmost discretion and integrity.
• Service-oriented and ability to deal efficiently and tactfully with people of different cultural backgrounds.
• Attention to detail and meticulousness.
• Judgment and ability to work autonomously.
• Ability to take initiatives and provide quality and timely support services.
• Good Knowledge of IT tools with proficiency in the use of MS Office (Outlook, Word, Excel, PowerPoint, etc.)

 

Languages

• Excellent knowledge of English or French. 

 

DESIRABLE QUALIFICATIONS

 

Certifications

• Entry-level cybersecurity certification is a plus (Comptia Security+, Microsoft Technology Associate (MTA) Security Fundamentals or similar)

 

Languages

• Knowledge of another official language of UNESCO (French, Chinese, Russian, Arabic or Spanish).

 

BENEFITS AND ENTITLEMENTS

UNESCO’s salaries consist of a basic salary and other benefits which may include if applicable: 30 days annual leave, family allowance, medical insurance, pension plan etc.

For full information on benefits and entitlements, please consult our Guide to Staff Benefits.

 

SELECTION AND RECRUITMENT PROCESS

Please note that all candidates must complete an on-line application and provide complete and accurate information. To apply, please visit the UNESCO careers website. No modifications can be made to the application submitted.

The evaluation of candidates is based on the criteria in the vacancy notice, and may include tests and/or assessments, as well as a competency-based interview. 

UNESCO uses communication technologies such as video or teleconference, e-mail correspondence, etc. for the assessment and evaluation of candidates.

Please note that only selected candidates will be further contacted and candidates in the final selection step will be subject to reference checks based on the information provided.

Footer

UNESCO recalls that paramount consideration in the appointment of staff members shall be the necessity of securing the highest standards of efficiency, technical competence and integrity. UNESCO applies a zero-tolerance policy against all forms of harassment. UNESCO is committed to achieving and sustaining equitable and diverse geographical distribution, as well as gender parity among its staff members in all categories and at all grades. Furthermore, UNESCO is committed to achieving workforce diversity in terms of gender, nationality and culture. Candidates from non- and under-represented Member States (last update here) are particularly welcome and strongly encouraged to apply. Individuals from minority groups and indigenous groups and persons with disabilities are equally encouraged to apply. All applications will be treated with the highest level of confidentiality. Worldwide mobility is required for staff members appointed to international posts.

UNESCO does not charge a fee at any stage of the recruitment process.