ICT Specialist (Cybersecurity Governance), P-3, Fixed-term, Post no. 100010, ICTD Digital Core, Valencia, Spain

Contract

This is a P-3 contract. This kind of contract is known as Professional and Director staff. It is normally internationally recruited only. It's a staff contract. It usually requires 5 years of experience, depending on education.

Salary

The salary for this job should be between 74,649 USD and 97,747 USD.

Please keep in mind that the salary displayed here is an estimation by UN Talent based on the location and the type of contract. It may vary depending on the organization. The recruiter should be able to inform you about the exact salary range. In case the job description contains another salary information, please refer to this one.

UNICEF works in some of the world’s toughest places, to reach the world’s most disadvantaged children. To save their lives. To defend their rights. To help them fulfill their potential.

Across 190 countries and territories, we work for every child, everywhere, every day, to build a better world for everyone.

And we never give up.

For every child, a connected world.

The strategic mission of ICTD is to transform and build partnerships with our stakeholders to successfully implement UNICEF programmes globally using innovative, technology-enabled solutions for better outcomes for children.

UNICEF is going through an exciting digital transformation that will influence the work across the organization. We are looking for dynamic, innovative professionals to drive the transformation and play a key role in shaping the way forward.

This position reports to the Chief, IT Security in the Strategy Resource Management and Governance group of the Information and Communication Technology Division (ICTD) in Valencia, Spain.

The Strategy, Resource Management and Governance group is responsible to ensure global ICT management support and governance. It develops and maintains a strategic ICT plan including an ICT Enterprise Architecture, supporting the key ICT governance instruments and boards, and it manages the ICT project portfolio and project plans through a federated portfolio management system ensuring adequate change management.

A key function of the group is to manage the financial resources of the division, its human resources, ICT procurement, asset management and learning and development. The group is also establishing ICT management policies and procedures, performing technical reviews and quality assurance of applications and ICT infrastructure projects.

How can you make a difference?

The ICT Specialist (Cybersecurity Governance) is responsible for supporting the Chief, IT Security with the Information Security program of work, including technical expertise and guidance to internal and external stakeholders to ensure the integrity of UNICEF Information assets.

The ICT Specialist works with the Chief, IT Security as well as other Chiefs and ICT Managers to validate the design and ensure the application of different processes, standards, technologies and organizational structures to develop more secure information systems.

Key responsibilities:

Support to Information Security Program Development, Planning and Execution

• Support the Chief, IT Security to identify, prioritize, develop, manage and facilitate information security work. • Understand business needs and business capability requirements, business risk appetite and collaborate with other stakeholders and suppliers to assist in developing and planning an ICT / Information Security program of work. • Support development and maintenance of applicable documentation for UNICEF Information Security Management System, including policies, standards, processes, guidelines, etc. Ensure their application across the entire UNICEF ICT landscape. • Participate in planning sessions with the Business Relationship Management Cluster, Digital Core Managers and other stakeholders to identify ICT and Information Security needs in new business cases.

Technical and Operational Support to the Information Security Function

• Provide technical support for the implementation and operationalization of UNICEF Information Security Management System (ISMS). • Support the Information Security, Project Management Office and Enterprise Architecture governance processes. Support the prioritization and rationalization of demands to ensure Information Security considerations are captured and actioned across the board. • Perform and coordinate detailed technical security assessments, ethical hacking and penetration tests and monitor the resolution of findings. • Oversee providers and third parties of ICT-related technical services and products, to ensure alignment with the UNICEF Information Security Program and security industry best practices.

Networking and Partnership Building

• Build and sustain effective close working partnerships with the ICTD Digital Core, Digital Center of Excellence, Field focal points and other counterparts through active sharing of information and knowledge. • Facilitate implementation of the UNICEF Cybersecurity Program and build capacity of stakeholders to achieve the program’s information security goals. • Prepare communication and information materials for security programme advocacy to promote awareness, establish partnership and alliances, and support fundraising for security related needs outside the centrally funded program. • Support the Chief, IT Security in identifying internal client expectations with respect to IT security services as well as gaps between client needs and capabilities, and work to find agile solutions to those gaps.

Innovation, Advocacy and Capacity Building

• Assist the Chief, IT Security in promoting the Information Security Program, ensuring the divisional clients understand the program and executive management expectations, overall delivery of services provided to meet program requirements, and compliance to processes. Develop and communicate awareness programs. • Advocate on behalf of the unit to ensure IT security services meet their business priorities and needs. • Support change management activities, including frequent communication to staff and clients on changes and their impact, advocacy and coaching to minimize disruption and achieve desired results from ICT initiatives that are triggered or enabled by technology. • Apply and introduce innovative approaches and best practices to build the capacity of partners and stakeholders, and to support the implementation and delivery of concrete and sustainable information security practices. • Keep abreast of, research, benchmark and implement best and cutting-edge practices in information systems. Assess, institutionalize and share best practices and knowledge learned.

To qualify as an advocate for every child you will have…

Academic Degrees: • An advanced university degree (Master’s or higher) in management information systems, computer science or a related field is required. • A first University Degree (Bachelor’s Degree or equivalent) in a relevant field combined with 2 additional years of professional experience may be accepted in lieu of an advanced university degree. • A Cybersecurity specialization and industry certifications are highly desirable.

Required Experience: A minimum of 5 years of progressively responsible work experience in Information Technology in an international development context is required, including: o Experience performing and coordinating third party vendor risk assessments, technical security assessments, ethical hacking and penetration tests. o Strong working experience in 3 of the following areas: Modern security tools and platforms (XDR, SIEM, ETC), Software Development Lifecycle and opensource security, security operations, security incident response, digital forensics, threat intelligence analysis. o Experience supporting cybersecurity in large, complex projects with delivery to a large remote user base and multiple stakeholders. o Understanding and experience with integrated business systems in a global organization. o Experience in vendor and contract management. o Experience with writing technical policies, procedures, and guidelines.

Required Skills and Knowledge: • Strong understanding of cybersecurity risk, controls and program frameworks. • Clear understanding of Information Security aspects in software development lifecycle and Application support. • Ability to foster excellent work relationships and build alliances with key stakeholders and industry business partners • Ability to support multiple projects and resources concurrently, including ability to assess benefits, risks, and costs • Ability to learn the business unit's functions and understand the strategic business goals to identify opportunities for technology innovation and to analyze and propose technical strategies for the business units. • Ability to stay abreast of new technologies and their ability to support UNICEF innovation projects to improve efficiency and effectiveness of business units.

Language Requirements: • Fluency in English is required. • Knowledge of another official UN language (Arabic, Chinese, French, Russian or Spanish) or a local language is an asset.

For every Child, you demonstrate...

UNICEF’s Core Values of Care, Respect, Integrity, Trust and Accountability and Sustainability (CRITAS) underpin everything we do and how we do it. Get acquainted with Our Values Charter: UNICEF Values

UNICEF competencies required for this post are…

(1) Builds and maintains partnerships (2) Demonstrates self-awareness and ethical awareness (3) Drive to achieve results for impact (4) Innovates and embraces change (5) Manages ambiguity and complexity (6) Thinks and acts strategically (7) Works collaboratively with others

During the recruitment process, we test candidates following the competency framework. Familiarize yourself with our competency framework and its different levels: competency framework here.

As an advocate for every child you will receive:

UNICEF offers a competitive salary that is tax-exempted for most nationalities. You can access here a salary calculator for simulation. (Medical insurance and pension premiums will be deducted from net salary).

We offer a wide range of benefits to our staff, including paid parental leave, breastfeeding breaks and reasonable accommodation for persons with disabilities. UNICEF strongly encourages the use of flexible working arrangements.

Additional benefits for eligible international professional staff members include: • Paid holidays and leave, including 2.5 days of annual leave accrual per month and 10 official holidays per year • Paid parental leave (maternity, paternity and adoption) • Dependency allowance • Rental subsidy • Relocation support and lump sum • Home leave travel (air tickets or lump sum) • Education grant for children in school • United Nations-sponsored medical and dental insurance plan, pension plan, and optional life insurance plan • Access to professional development and learning programs, online learning, and learning path • Access to staff well-being and career development support

UNICEF is here to serve the world’s most disadvantaged children and our global workforce must reflect the diversity of those children. The UNICEF family is committed to include everyone, irrespective of their race/ethnicity, age, disability, gender identity, sexual orientation, religion, nationality, socio-economic background, or any other personal characteristic.

UNICEF has a zero-tolerance policy on conduct that is incompatible with the aims and objectives of the United Nations and UNICEF, including sexual exploitation and abuse, sexual harassment, abuse of authority and discrimination. UNICEF is committed to promote the protection and safeguarding of all children. All selected candidates will, therefore, undergo rigorous reference and background checks, and will be expected to adhere to these standards and principles. Background checks will include the verification of academic credential(s) and employment history. Selected candidates may be required to provide additional information to conduct a background check.

Remarks:

UNICEF’s active commitment towards diversity and inclusion is critical to deliver the best results for children. For this position, eligible females are strongly encouraged to apply.

International mobility is a condition of international professional employment with UNICEF and an underlying premise of the international civil service.

UNICEF appointments are subject to medical clearance. Issuance of a visa by the host country of the duty station, which will be facilitated by UNICEF, is required for International Professional positions. Appointments are also subject to inoculation (vaccination) requirements, including against SARS-CoV-2 (Covid). Government employees that are considered for employment with UNICEF are normally required to resign from their government before taking up an assignment with UNICEF. UNICEF reserves the right to withdraw an offer of appointment, without compensation, if a visa or medical clearance is not obtained, or necessary inoculation requirements are not met, within a reasonable period for any reason.