Consultant – Cyber Security Specialist, Local);(UNICC Partnership

Result of Service UNRWA is an equal opportunity employer and welcomes applications from both women and men. UNRWA encourages applications from qualified women. Only those applicants shortlisted for an interview will be contacted. UNRWA is a non-smoking environment.

Work Location Gaza, Jordan, Lebanon, Syria, or West Bank

Expected duration 6 to 11 months

Duties and Responsibilities ¿ Develop and enhance an information security management framework based on the ISO 27000 standards; ¿ Develop, maintain and publish up-to-date information security policies, standards and guidelines. Oversee the approval, training, and dissemination of security policies and practices; ¿ Create, communicate and implement the process for risk management, including the assessment and treatment of identified risks. Work directly with business units and stakeholders throughout the organization on identifying acceptable levels of residual risk. Report and oversee treatment efforts; ¿ Build regular reporting/dashboards on the current status of the cyber security programme to senior management and business units as part of a strategic enterprise risk management programme; ¿ Help raise cyber security and risk management awareness for all employees, contractors and approved system users; ¿ Provide active support during security incidents and events that affect organizational assets, including intellectual property, sensitive data and the organization’s reputation; ¿ Provide direction, support and in-house consulting in effective disaster recovery policies and standards. Coordinate the development of implementation plans and procedures to ensure that business-critical services are recovered in case of a security event; ¿ Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls; ¿ Ensure that security programs are in compliance with relevant rules, regulations, policies and standards to minimize or eliminate risks and audit findings; ¿ Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action; Perform technical security assessments and develop strategies for remediating vulnerabilities and risks identified; ¿ Work closely with other members of ICC’s cyber security team to develop and deliver new and existing cyber security services; ¿ Provide other ad hoc support either within CPI or other units as required – this includes the participation in special projects or support to service delivery for short period of time on a part-time or full-time basis upon request from the senior management.

Qualifications/special skills Academic Qualifications:

A university degree or master’s degree from an accredited educational institution in information technology information management, Information systems, computer science, computer engineering, Software engineering, Business Administration, Management, or other related disciplines.

Experience:

• A minimum of 10 years of experience for a bachelor’s degree or a minimum of 8 years for a master’s degree in information technology, information security, risk management, or IT-Security or security incident response or security testing related jobs with increasing levels of responsibility;
• Experience in developing information security policies and procedures, as well as successfully executing programs in a dynamic environment;
• Excellent knowledge of information security technologies;
• Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Cloud Security Professional (CCSP), Iso27001 lead implementer/auditor, or other similar credentials. .

DESIRABLE QUALIFICATIONS

• Experience in achieving and maintaining ISO 27001 certification;
• Three years of experience working in security consulting engagements;
• Project management skills and ability to manage multiple projects under strict timelines;
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT, etc.

COMPETENCIES

• Ability to understand technical and business aspects of IT risk, and to communicate those risks to management, business and technical units so that the organization can make informed decisions regarding appropriate levels of information security control;
• Strong analytical and problem-solving skills;
• Ability to work well in a demanding, dynamic environment. Ability to act calmly and competently in high-pressure, high-stress situations;
• High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity;
• High degree of initiative, dependability and ability to work with little supervision.

Language:

• Fluency in spoken and written English.

Contract conditions:

• The duration of the consultancy is 6 to 11 months, extendable according to performance and availability of funds.

• Remuneration for this consultancy will be 2300.00 USD and depend on the qualifications and relevant experience. •The incumbent can be in any UNRWA field of operations (Gaza, Jordan, Lebanon, Syria, or West Bank).

  Additional Information UNRWA has signed a Memorandum of Understanding (MoU) with United Nations International Computing Center (UNICC) that aims to enhance livelihood and human development opportunities to Palestine refugees in Gaza. By this new collaboration, UNRWA becomes a provider of Information Management, Technology services and capacity augmentation to UNICC technical team, on a cost recovery basis through IMTD/IT Service Center (ITSC) in HQ-Gaza.

United Nations International Computing Center (UNICC) is a UN agency that provides IT services to other UN agencies on a cost recovery basis.

UNRWA Information Management and Technology Department (IMTD) is seeking a Cyber Security Specialist who will support client organizations in establishing, implementing, maintaining and continually improving information security controls to ensure that information assets are adequately protected. The Cyber Security Specialist will also be responsible for providing active support with Cyber Security Governance practice at ICC and will provide services to client organizations independently or under light supervision. This is an opportunity to make a big impact and get lots of ownership. We are looking for someone who thrives in the very early stages of a project and is self-driven.

The consultant will report administratively to Head Information Technology Service Centre at Headquarter Gaza and technically to United Nations International Computing Center (UNICC).

• Please indicate if you are a Palestinian Refugee and provide your registration card number if applicable.

  No Fee THE UNITED NATIONS DOES NOT CHARGE A FEE AT ANY STAGE OF THE RECRUITMENT PROCESS (APPLICATION, INTERVIEW MEETING, PROCESSING, OR TRAINING). THE UNITED NATIONS DOES NOT CONCERN ITSELF WITH INFORMATION ON APPLICANTS’ BANK ACCOUNTS.