IT Assistant (Cybersecurity Analyst) (Cancelled)

Assist in enhancing cybersecurity measures and compliance objectives

This opening expired 4 years ago. Do not try to apply for this job.

UNESCWA - Economic and Social Commission for Western Asia

Open positions at UNESCWA / Open positions at UN
Logo of UNESCWA

Application deadline 4 years ago: Wednesday 4 May 2022 at 23:59 UTC

Open application form

Overview

Assist in enhancing cybersecurity measures and compliance objectives

You have:

  • First level University degree preferably in computer engineering or similar field is required.
  • A minimum of five years experience of consulting related work experience in two or more cybersecurity domains is required.
  • Fluency in English is required, knowledge of a second official United Nations language is an added advantage.

Result of Service Secure, resilient and scalable: - Core infrastructure - Cloud infrastructure - Mobile and endpoints - Web applications

Work Location Beirut

Expected duration 6 months

Duties and Responsibilities Under the overall guidance of the Chief, ICTS, and direct supervision by the Team Lead, Infrastructure Network and Security unit, the IT Assistant (Cybersecurity Analyst) will perform the following tasks:

  • Assist in defining and executing cybersecurity roadmap to improve cybersecurity controls and compliance objectives.
  • Assist and manage the deployment, implementation, operation, support and maintenance of the Information Security Management System (ISMS) based on ISO 27000 series standards.
  • Assist to implement enterprise security policies and standards in cloud environment.
  • Collaborate with internal and external entities in obtaining and maintaining ISO 27001 certification.
  • Support development, implementation, and maintenance of cybersecurity playbooks, runbooks, procedures and guidelines.
  • Assist in the development, maintenance and implementation of enterprise policies and procedures related to cybersecurity
  • Collaborate with software developers to ensure the appropriate security requirements are embedded in the correct phases of development.
  • Working closely with software developers to improve development cycles, audit and automate release processes and then coordinate with operations to implement pushes and changes
  • Assist in annual cybersecurity assessment process and all resulting remediation projects.
  • Participate in systems security evaluations and review including development of systems security plans, implementation and maintenance of risk assessments, management of certification and accreditations of systems and security categorizations.
  • Identify & communicate vulnerabilities & risks and propose controls and procedures to mitigate them.
  • Support in coordination and preparation of formal responses to IT security inquires from internal and external authorities.
  • Assist to develop, coordinate, evaluate, and maintain a comprehensive business continuity and disaster recovery plan.
  • Conduct threat research and perform periodic risk assessments & penetration tests or security audits.
  • Respond to incident investigations, perform triage activities, and utilize structured methodologies to prevent, detect respond to threats.
  • Support control and vulnerability assessments to identify weaknesses and assess the effectiveness of existing controls, and recommends remedial action
  • Audit the configuration of systems and network devices to ensure adherence to security best practices
  • Monitor various equipment logs and network traffic to identify suspicious activity and then performs corrective action
  • Perform assessments and design reviews to provide risk assurance over existing and future solutions
  • Support cybersecurity monitoring and incident response activities

    Qualifications/special skills Academic Qualifications: First level University degree preferably in computer engineering or similar field is required. Experience: A minimum of five years experience of consulting related work experience in two or more of the following areas: Application security, Information systems security, Network security, IT security auditing, Information security risk assessment or risk management is required. Language: English and French are the working languages of the United Nations Secretariat. For this position, fluency in English is required. Knowledge of a second official United Nations language is an added advantage.

    No Fee THE UNITED NATIONS DOES NOT CHARGE A FEE AT ANY STAGE OF THE RECRUITMENT PROCESS (APPLICATION, INTERVIEW MEETING, PROCESSING, OR TRAINING). THE UNITED NATIONS DOES NOT CONCERN ITSELF WITH INFORMATION ON APPLICANTS’ BANK ACCOUNTS.

Potential interview questions

Can you describe a time when you had to manage a cybersecurity incident? This question assesses your practical experience with incident response. Discuss specific incidents you managed, including your role and the outcome.
How do you stay updated with the latest cybersecurity threats and trends? The interviewer wants to understand your approach to continuous learning in a fast-paced field. Pro members can see the explanation.
Describe your experience with cybersecurity frameworks such as ISO 27001. Pro members can see the explanation. Pro members can see the explanation.
What tools do you utilize for vulnerability assessments? Pro members can see the explanation. Pro members can see the explanation.
How have you collaborated with software developers to improve security practices? Pro members can see the explanation. Pro members can see the explanation.
Added 4 years ago - Updated 1 year ago - Source: careers.un.org