|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Job Opening
|
|
|
|
|
|
|
|
|
|
|
|
|
Posting Title: |
|
Information Security Officer, P3
|
|
Job Code Title: |
|
INFORMATION SYSTEMS OFFICER
|
|
Department/ Office: |
|
Economic Commission for Africa
|
|
Duty Station: |
|
ADDIS ABABA
|
|
Posting Period: |
|
21 April 2014-20 May 2014
|
|
Job Opening number: |
|
14-IST-ECA-33766-R-ADDIS ABABA (X)
|
|
Staffing Exercise ID: |
|
N/A
|
|
|
|
|
|
United Nations Core Values: Integrity, Professionalism, Respect for Diversity
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Org. Setting and Reporting
|
|
|
|
This position is located in the United Nations Economic Commission for Africa (UNECA) Information Technology & Umoja Support Section (ITUSS) of the Public Information and Knowledge Management Division (PIKMD). The incumbent works under the direct supervision of Chief of the ITUSS.
|
|
|
|
Responsibilities
|
|
|
|
Information Security Development: - Participates in the review and development of UN-system-wide information security policies, along with related standards and guidelines, as a member of the secretariat-wide ICT working group, - Develops adaptations or additional information security policies, standards and guidelines to meet the specific requirements at ECA Headquarters; its five sub-regional offices and IDEP, - Provides the perspective of adaptations or improvements required in policies, standards or guidelines when participating in reviews of operating procedures, - Keeps abreast of developments in the field to ensure that ECA’s security policies, standards and guidelines remain current, Information Security Policy Governance: - Ensures proper coordination of the implementation of secretariat-wide and local information security policies - Promotes and enforces these policies for ECA - Monitors compliance with information security policies, guidelines and standards - Coordinates the response to information security incidents locally; shares security alerts with affected operational functionaries - Validates the correct implementation of security controls before systems enter production, when participating in quality assurance activities, Information Security Client Services: - Provides expert advice on the security architecture and on the configuration of complex systems; - Carries out regular and scheduled security penetration tests for systems and applications; - Directs scheduled information risks assessments for all ECA duty stations; improves risk management by introducing specific mitigation measures; - Analyzes the root causes of information security incidents; develops and introduces additional preventive controls and operational improvements - Guides project owners in defining their security requirements; communicates risks and documents risk acceptance - Raises awareness on information security issues of ECA personnel; contributes to awareness-raising secretariat-wide initiatives - Provides information security training to end users, project owners and ICT professionals
|
|
|
|
Competencies
|
|
|
|
•Professionalism: Expert knowledge in the field of information security; Certification/training in Information Security (such as CISSP, CISM) is highly desirable; Knowledge/experience of the ISO27000, ITIL and CobiT frameworks are highly desirable; Familiarity with project management methodologies (such as Prince2) is an added advantage; Ability to work under pressure and provide high quality deliverables in difficult situations; Takes responsibility for incorporating gender perspectives and ensuring the equal participation of women and men in all areas of work.
• Communication: Speaks and writes clearly and effectively; listens to others, correctly interprets messages from others and responds appropriately; asks questions to clarify, and exhibits interest in having two-way communication; tailors language, tone, style and format to match audience; demonstrates openness in sharing information and keeping people informed.
• Technological Awareness: Keeps abreast of available technology; Understands applicability and limitations of technology to the work of the office ; Actively seeks to apply technology to appropriate tasks; Shows willingness to learn new technology.
|
|
|
|
Education
|
|
|
|
Advanced university degree (Master's degree or equivalent) in computer science, information systems, mathematics, statistics or related field. A first-level university degree in combination with qualifying experience may be accepted in lieu of the advanced university degree.
|
|
|
|
Work Experience
|
|
|
|
A minimum of five years of progressively responsible experience in planning, design, development, implementation and maintenance of computer information systems or related area. Experience in implementing an information security programme is highly desirable.
|
|
|
|
Languages
|
|
|
|
Fluency in one of the working language of the UN Secretariat, English or French, (both oral and written) is required; knowledge of the other is desirable. Knowledge of another UN official language is an advantage.
|
|
|
|
Assessment
|
|
|
|
A written Assessment and competency-based interview will be conducted a part of the recruitment process for this position.
|
|
|
|
Special Notice
|
|
|
|
Extension of the appointment is subject to Extension of the mandate and/or the availability of the funds.
Staff members are subject to the authority of the Secretary-General and to assignment by him or her. In this context, all staff are expected to move periodically to new functions in their careers in accordance with established rules and procedures. UNECA is committed to promoting geographical distribution and gender equality within its Secretariat. Women candidates are strongly encouraged to apply.
|
|
|
|
United Nations Considerations
|
|
|
|
The United Nations shall place no restrictions on the eligibility of men and women to participate in any capacity and under conditions of equality in its principal and subsidiary organs. (Charter of the United Nations - Chapter 3, article 8). The United Nations Secretariat is a non-smoking environment.
Candidates will be required to meet the requirements of Article 101, paragraph 3, of the Charter as well as the requirements of the position. The United Nations is committed to the highest standards of efficiency, competence and integrity for all its human resources, including but not limited to respect for international human rights and humanitarian law. Candidates may be subject to screening against these standards, including but not limited to whether they have committed, or are alleged to have committed criminal offences and/or violations of international human rights law and international humanitarian law.
|
|
|
|
No Fee
|
|
|
|
THE UNITED NATIONS DOES NOT CHARGE A FEE AT ANY STAGE OF THE RECRUITMENT PROCESS (APPLICATION, INTERVIEW MEETING, PROCESSING, OR TRAINING). THE UNITED NATIONS DOES NOT CONCERN ITSELF WITH INFORMATION ON APPLICANTS’ BANK ACCOUNTS.
|
|
|
|
|
|
|
|
|
|
|
|
|