IT Assistant (Cybersecurity Analyst) (Cancelled)
Application deadline 9 months ago: Wednesday 4 May 2022 at 23:59 UTCOpen application form
Result of Service Secure, resilient and scalable: - Core infrastructure - Cloud infrastructure - Mobile and endpoints - Web applications
Work Location Beirut
Expected duration 6 months
Duties and Responsibilities Under the overall guidance of the Chief, ICTS, and direct supervision by the Team Lead, Infrastructure Network and Security unit, the IT Assistant (Cybersecurity Analyst) will perform the following tasks:
- Assist in defining and executing cybersecurity roadmap to improve cybersecurity controls and compliance objectives.
- Assist and manage the deployment, implementation, operation, support and maintenance of the Information Security Management System (ISMS) based on ISO 27000 series standards.
- Assist to implement enterprise security policies and standards in cloud environment.
- Collaborate with internal and external entities in obtaining and maintaining ISO 27001 certification.
- Support development, implementation, and maintenance of cybersecurity playbooks, runbooks, procedures and guidelines.
- Assist in the development, maintenance and implementation of enterprise policies and procedures related to cybersecurity
- Collaborate with software developers to ensure the appropriate security requirements are embedded in the correct phases of development.
- Working closely with software developers to improve development cycles, audit and automate release processes and then coordinate with operations to implement pushes and changes
- Assist in annual cybersecurity assessment process and all resulting remediation projects.
- Participate in systems security evaluations and review including development of systems security plans, implementation and maintenance of risk assessments, management of certification and accreditations of systems and security categorizations.
- Identify & communicate vulnerabilities & risks and propose controls and procedures to mitigate them.
- Support in coordination and preparation of formal responses to IT security inquires from internal and external authorities.
- Assist to develop, coordinate, evaluate, and maintain a comprehensive business continuity and disaster recovery plan.
- Conduct threat research and perform periodic risk assessments & penetration tests or security audits.
- Respond to incident investigations, perform triage activities, and utilize structured methodologies to prevent, detect respond to threats.
- Support control and vulnerability assessments to identify weaknesses and assess the effectiveness of existing controls, and recommends remedial action
- Audit the configuration of systems and network devices to ensure adherence to security best practices
- Monitor various equipment logs and network traffic to identify suspicious activity and then performs corrective action
- Perform assessments and design reviews to provide risk assurance over existing and future solutions
Support cybersecurity monitoring and incident response activities
Qualifications/special skills Academic Qualifications: First level University degree preferably in computer engineering or similar field is required. Experience: A minimum of five years experience of consulting related work experience in two or more of the following areas: Application security, Information systems security, Network security, IT security auditing, Information security risk assessment or risk management is required. Language: English and French are the working languages of the United Nations Secretariat. For this position, fluency in English is required. Knowledge of a second official United Nations language is an added advantage.
No Fee THE UNITED NATIONS DOES NOT CHARGE A FEE AT ANY STAGE OF THE RECRUITMENT PROCESS (APPLICATION, INTERVIEW MEETING, PROCESSING, OR TRAINING). THE UNITED NATIONS DOES NOT CONCERN ITSELF WITH INFORMATION ON APPLICANTS’ BANK ACCOUNTS.