Information Security Specialist

This opening expired 6 months ago. Do not try to apply for this job.

UNOPS - United Nations Office for Project Services


Application deadline 6 months ago: Sunday 22 Oct 2023 at 23:59 UTC


Contract

This is an IICA-2 contract. This kind of contract is known as an International Individual Contractor Agreement. It is normally internationally recruited only. It's an external contract. It usually requires 5 years of experience, depending on education.

Background Information - Job-specific

UNOPS operating environment and projects are inherently risky. Furthermore, they are increasingly technology-enabled and data-intensive. This makes Risk Management and Information Security key elements to the way projects are delivered across the global organization and the way processes are digitized to better enable that.

The position is located in the Risk unit, part of a broader Strategy, Risk and Change Group placed directly under the Executive Office. The Risk unit is headed by UNOPS Chief Risk Officer (CRO) and currently covers the functions of Risk Management, Internal Control, Information Security, and Corporate Insurance. The Chief Information Security Officer (CISO), reporting to the CRO, leads the Information Security function to ensure consistent and high-quality information security management in support of risk management, strategy, projects, and assurance.

One of the priorities of the Information Security function is to establish a Security Operations Center (SOC) to continuously monitor the global information systems security posture, act as a clearing house for all generated security events, identify, analyse, investigate, and escalate security-related incidents to ensure the security and integrity of data and systems across the organization are always maintained. The SOC, by correlating data and leveraging actionable security intelligence in an ever-evolving cyber threat landscape, will enable stronger, faster, and more agile cyber threat monitoring, triage, and response capability.

Under the overall guidance of the SOC Manager, the Information Security Specialist will be responsible for a broad range of tasks, including (1) defending against cybersecurity incidents, as well as identifying, analysing, communicating, and containing these incidents when they do occur; (2) day-to-day administration of cybersecurity tools and devices, as well as first-level and second-level support for SIEM and SOAR; and (3) threat and vulnerability assessments and support for vulnerability remediation activities.

Functional Responsibilities

Information Security Direction and Advice

Work with the Chief Information Security Officer (CISO) and SOC Manager to develop, plan, and deliver a security program and projects aligned with the strategy and roadmap that address identified risks, and business security requirements.

  • Monitor and report on compliance with security policies, as well as the enforcement of policies, and control effectiveness across the organization.
  • Provide input on recommendations to existing policies and procedures to ensure security operation efficiency and regulatory compliance.
  • Assist resource owners and technology staff in understanding and responding to security audit failures reported by auditors.
  • Work with various stakeholders to identify information asset owners to classify data and systems as part of a control framework implementation.
  • Work with the Information Security, IT, and business stakeholders to define metrics and reporting strategies that effectively communicate the successes and progress of the security program.
  • Work with the enterprise architecture team to ensure that there is a convergence of business, technical and security requirements; liaise with IT management to align existing technical installed base and skills with future architectural requirements.
  • Manage security projects and provide expert guidance on security matters for other projects.

Capability and Awareness Building

Threat and Vulnerability Management

  • Performs threat and vulnerability assessments, followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from vulnerabilities.
  • Researches threats and vulnerabilities and, where appropriate, takes action to mitigate threats and remediate vulnerabilities.
  • Reviews, assesses, and mitigates penetration tests and vulnerability assessments on information systems and infrastructure.
  • Recommends, schedules and/or applies fixes, security patches and any other measures required in the event of a security breach.
  • Monitors security vulnerability information from vendors and third parties.
  • Performs system and application vulnerability testing.

Incident Response Management

  • Conducts network monitoring and intrusion detection analysis using various computer network defense tools, and host-based security systems.
  • Conducts log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources.
  • Works with security information and event management (SIEM) to manage/tune the system, create/manage the detection content and actively watch for alerts.
  • Correlates network, cloud, and endpoint activity across environments to identify attacks and unauthorized use.
  • Reviews alerts and data from sensors, and documents formal, technical incident reports.
  • Coordinates response to computer security incidents according to the computer security incident response policy and procedures.
  • Provides technical guidance to first responders for handling information security incidents.
  • Provides timely and relevant updates to appropriate stakeholders and decision-makers.
  • Communicates investigation findings to relevant business units to help improve the information security posture.
  • Validates and maintains incident response plans and processes to address potential threats.
  • Works with threat intelligence and/or threat-hunting teams.
  • Compiles and analyses data for management reporting and metrics.
  • Analyses potential impact of new threats and communicates risks back to detection engineering functions.
  • Performs root-cause analysis to document findings and participate in root-cause elimination activities as required.
  • Provides users with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary.
  • Researches emerging threats and vulnerabilities to aid in the identification of incidents.
  • Performs security standards testing against computers before implementation to ensure security.
  • Implements or coordinates remediation required by audits, and documents exceptions as necessary.

Security Engineering

  • Performs system security administration on designated technology platforms, including operating systems, applications, and network security devices, in accordance with the defined policies, standards and procedures of the organization, as well as with industry best practices and vendor guidelines.
  • Performs user and access administration on designated systems and applications, in accordance with the defined policies, standards and procedures.
  • Performs installation and configuration management of security systems and applications, including policy assessment and compliance tools, network security appliances and host-based security systems.
  • Applies patches where appropriate and removes or mitigates known control weaknesses, as a means of hardening systems in accordance with security policies and standards.
  • Develops and maintains documentation for security systems and procedures.
  • Researches, recommends, evaluates, and implements cybersecurity solutions that identify and/or protect against potential threats, and respond to security violations.

Impact of Results

The effective and successful achievement of results by the incumbent directly affects UNOPS's ability to deliver against its mandate and protects UNOPS's reputation. The role is imperative to the effective management of information security risks, impacting the visibility and reputation of UNOPS as an effective service provider in project services and management and consequently strengthening its competitive position as a partner of choice.

Education/Experience/Language requirements

Education

  • A bachelor’s degree preferably in business information systems, computer sciences, telecommunications, engineering, or a technology-related field is required.
  • A master’s degree preferably in business information systems, computer sciences, telecommunications, engineering, or a technology-related field is desirable. This can substitute for 2 years of required experience.

Experience

  • A minimum of seven (7) years of total experience in IT, Information Security, or IT Security is required.
  • A minimum of 3 years of experience in Information Security, especially on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC) is required.
  • Experience with regulatory compliance and information security management frameworks (e.g., ISO 27000, COBIT, NIST 800, etc.) is desirable.
  • In-depth knowledge and experience in Security Information and Event Management (SIEM) and Security Orchestration, Automation and Response (SOAR) is required (Google Chronicle SIEM and SOAR experience is desirable).
  • Good technical and trouble-shooting ability is required and must be evidenced in the candidate’s work experience.
  • Experience in crisis management is desirable.

Languages

  • Full working knowledge of English is required.
  • Knowledge of another official UN language (Spanish and/or French) is desirable.

Certifications

One or more of the following professional certifications would be considered an advantage.

  • ISO 27001 Lead Implementer or Auditor
  • CISSP, CCSP (or other ISC2 Certifications)
  • CISM, CISA, CRISC (or other ISACA Certifications)
  • C|ND, C|EH (or other EC-Council Certifications)
  • OSCP (or other Offensive Security certifications)
  • GCIH, GCED (or other GIAC Certifications)

The following or any other relevant professional certifications are desirable.

  • Project Management (PMP, Prince2)
  • ISO/IEC 20000 IT Service Management
  • Information Technology Infrastructure Library (ITIL)

Competencies

Develops and implements sustainable business strategies, thinks long term and externally in order to positively shape the organization. Anticipates and perceives the impact and implications of future decisions and activities on other parts of the organization. (For levels IICA-2, IICA-3, LICA Specialist-10, LICA Specialist-11, NOC, NOD, P3, P4 and above.)

Treats all individuals with respect; responds sensitively to differences and encourages others to do the same. Upholds organizational and ethical norms. Maintains high standards of trustworthiness. Role model for diversity and inclusion.

Acts as a positive role model contributing to the team spirit. Collaborates and supports the development of others. For people managers only: Acts as positive leadership role model, motivates, directs and inspires others to succeed, utilizing appropriate leadership styles.

Demonstrates understanding of the impact of own role on all partners and always puts the end beneficiary first. Builds and maintains strong external relationships and is a competent partner for others (if relevant to the role).

Efficiently establishes an appropriate course of action for self and/or others to accomplish a goal. Actions lead to total task accomplishment through concern for quality in all areas. Sees opportunities and takes the initiative to act on them. Understands that responsible use of resources maximizes our impact on our beneficiaries.

Open to change and flexible in a fast-paced environment. Effectively adapts own approach to suit changing circumstances or requirements. Reflects on experiences and modifies own behavior. Performance is consistent, even under pressure. Always pursues continuous improvements.

Evaluates data and courses of action to reach logical, pragmatic decisions. Takes an unbiased, rational approach with calculated risks. Applies innovation and creativity to problem-solving.

Expresses ideas or facts in a clear, concise and open manner. Communication indicates a consideration for the feelings and needs of others. Actively listens and proactively shares knowledge. Handles conflict effectively, by overcoming differences of opinion and finding common ground.

Contract type, level and duration

Contract type: ICA

Contract level: IICA 2

Contract duration: Ongoing ICA – ‘Open-ended, subject to organizational requirements, availability of funds and satisfactory performance.’

For more details about the ICA contractual modality, please follow this link: https://www.unops.org/english/Opportunities/job-opportunities/what-we-offer/Pages/Individual-Contractor-Agreements.aspx

Additional Information

  • Please note that UNOPS does not accept unsolicited resumes.
  • Applications received after the closing date will not be considered.
  • Please note that only shortlisted candidates will be contacted and advance to the next stage of the selection process, which involves various assessments.
  • UNOPS embraces diversity and is committed to equal employment opportunity. Our workforce consists of many diverse nationalities, cultures, languages, races, gender identities, sexual orientations, and abilities. UNOPS seeks to sustain and strengthen this diversity to ensure equal opportunities as well as an inclusive working environment for its entire workforce.
  • Qualified women and candidates from groups which are underrepresented in the UNOPS workforce are encouraged to apply. These include in particular candidates from racialized and/or indigenous groups, members of minority gender identities and sexual orientations, and people with disabilities.
  • We would like to ensure all candidates perform at their best during the assessment process. If you are shortlisted and require additional assistance to complete any assessment, including reasonable accommodation, please inform our human resources team when you receive an invitation.

Terms and Conditions

  • For staff positions only, UNOPS reserves the right to appoint a candidate at a lower level than the advertised level of the post.
  • For retainer contracts, you must complete a few Mandatory Courses (they take around 4 hours to complete) in your own time, before providing services to UNOPS.
  • All UNOPS personnel are responsible for performing their duties in accordance with the UN Charter and UNOPS Policies and Instructions, as well as other relevant accountability frameworks. In addition, all personnel must demonstrate an understanding of the Sustainable Development Goals (SDGs) in a manner consistent with UN core values and the UN Common Agenda.
  • It is the policy of UNOPS to conduct background checks on all potential personnel. Recruitment in UNOPS is contingent on the results of such checks.
Added 7 months ago - Updated 7 months ago - Source: jobs.unops.org