Org. Setting and Reporting

The Department of Operational Support (DOS) was established to provide end-to-end operational support, advisory services, and other solutions to operating entities across the Secretariat, including departments, offices away from headquarters, peace operations, and regional commissions. The Regional Service Centre in Entebbe, Uganda (RSCE), was established in July 2010, following the adoption of General Assembly resolution 64/269. The Centre provides efficient, client-oriented, and scalable services with the goal of moving transactional, non-location-dependent administrative functions to the Centre from its client entities. This includes transactional elements of human resources, finance, multimodal movement, and control, personnel and cargo transport and information and communications technology (ICT) support. In addition to these services, the RSCE Office of the Director and support offices through the Deputy Director RSCE provides overall guidance on the operations of the RSCE including strategic planning, communication, budgeting, human resources management, property management, quality assurance and business intelligence, conference services, record keeping and archive management, and audit response and risk management. For more information, please visit https://rsce.unmissions.org. This position is in the Regional Information Security and Compliance Unit of the Regional Field Technology Service (RFTS) in the Regional Service Centre Entebbe. The Cyber Security Assistant at this level reports to the Head of Regional Information Security and Compliance Unit.

Responsibilities

• Support the identification, analysis, evaluation, and mitigation of risks to information technology, communications, and data systems in collaboration with stakeholders. • Support implementation of cyber security procedures and guidelines at the organizational unit level for secure information communications and technology (ICT) as required for compliance. • Communicate cyber security procedures and standards to employees, contractors, and other relevant partners. • Assist the regular assessments of the entity’s infrastructure to identify potential vulnerabilities, prioritising and categorising the risks, and contribute to the development of implementation plans to remediate or mitigate them. • Generate and communicate operational vulnerability reports to relevant colleagues (e.g., system owners). • Support the implementation of the cyber security advisories to mitigate vulnerabilities. • Assist cyber security investigations and events related to information technology, communications and data systems, networks and devices. • Assist the coordinated incident response, digital forensics, and authorised investigation efforts through close collaboration with internal business units and external partners. • Provide assistance to the implementation and testing of Disaster Recovery Plans (DRPs). • Assist with management and monitoring of ICT assets for performance to ensure effective security measures are in place. • Assist in coordinating with non-compliant sections/units and systems owners and escalate issues as appropriate. • Keep abreast of the current and emerging security issues, risks, threats, vulnerabilities, and advancements in cyber security techniques and technologies. • Provide input to the security awareness trainings and other communications to increase personnel understanding of cyber security policies, procedures and regulatory requirements set by the UN. • Provide security guidance to users and ICT specialists to ensure the security of the Organization and achieve compliance. • Maintain confidentiality and integrity and handle sensitive information with discretion ensuring compliance with the data privacy, security requirements, and standards. • Provide assistance to the activities related to changes to the Organization, business processes, information processing facilities, and systems to ensure that effective internal controls are in place. • Assist with the collection and analysis of data as well as preparation of data presentations and reports for information sharing, responding to queries, knowledge management, planning and decision making.

Competencies

Professionalism: Knowledge of current, new, and emerging information and cyber security technologies and the ability to adapt to changes. Knowledge of current and emerging cyber security threat landscape, attack methodologies, tools, technologies, and mitigation/remediation methods. Ability to analyse network traffic and apply techniques for detecting host and network-based intrusions using intrusion detection technologies. Shows pride in work and in achievements; demonstrates professional competence and mastery of subject matter; is conscientious and efficient in meeting commitments, observing deadlines, and achieving results; is motivated by professional rather than personal concerns; shows persistence when faced with difficult problems or challenges; remains calm in stressful situations. Commitment to implementing the goal of gender equality by ensuring the equal participation and full involvement of women and men in all aspects of work. Teamwork: Works collaboratively with colleagues to achieve organizational goals; solicits input by genuinely valuing others’ ideas and expertise; is willing to learn from others; places team agenda before personal agenda; supports and acts in accordance with final group decision, even when such decisions may not entirely reflect own position; shares credit for team accomplishments and accepts joint responsibility for team shortcomings. Planning& Organizing: Develops clear goals that are consistent with agreed strategies; identifies priority activities and assignments; adjusts priorities as required; allocates appropriate amount of time and resources for completing work; foresees risks and allows for contingencies when planning; monitors and adjusts plans and actions as necessary; uses time efficiently. Technological Awareness: Keeps abreast of available technology; understands applicability and limitation of technology to the work of the office; actively seeks to apply technology to appropriate tasks; shows willingness to learn new technology.

Education

High school diploma or equivalent is required.

Job – Specific Qualification

An active level certificate in Information Security (e.g., CISM, CISSP or equivalent) is required.

Work Experience

A minimum of seven (7) years of progressively responsible experience using knowledge of cyber threats, network and application security principles, common vulnerabilities, and exploits is required and should be evident in the employment details in the application. The minimum years of relevant experience is reduced to five (5) years for candidates who possess a first level degree or higher. Use of skills to conduct research such as systematic data collection and analysis of information from various sources is desirable. Use of ability to identify systemic security issues based on the analysis of vulnerability and configuration data is desirable.

Languages

English and French are the working languages of the United Nations Secretariat. For the position(s) advertised, fluency in oral and written English is required. Knowledge of French is desirable.

Assessment

Evaluation of qualified candidates may include an assessment exercise which may be followed by competency-based interview.

Special Notice

This post is funded for an initial period of one year and may be subject to extension. This position is subject to local recruitment pursuant to staff rule 4.4 of the United Nations Staff Rules. All staff in the General Service and related categories shall be recruited in the country or within commuting distance of each office, irrespective of their nationality and of the length of time they may have been in the country. A staff member subject to local recruitment shall not be eligible for the allowances or benefits exclusively applicable to international recruitment. The United Nations Secretariat is committed to achieving 50/50 gender balance and geographical diversity in its staff. Female candidates are strongly encouraged to apply for this position. Staff Members are subject to the authority of the Secretary-General and to assignment by him or her. In this context, all staff are expected to move periodically to new functions in their careers in accordance with established rules and procedures. An impeccable record for integrity and professional ethical standards is essential. At the United Nations, the paramount consideration in the recruitment and employment of staff is the necessity of securing the highest standards of efficiency, competence and integrity, with due regard to geographic diversity. All employment decisions are made on the basis of qualifications and organizational needs. The United Nations is committed to creating a diverse and inclusive environment of mutual respect. The United Nations recruits and employs staff regardless of gender identity, sexual orientation, race, religious, cultural and ethnic backgrounds or disabilities. Reasonable accommodation for applicants with disabilities may be provided to support participation in the recruitment process when requested and indicated in the application.

United Nations Considerations

According to article 101, paragraph 3, of the Charter of the United Nations, the paramount consideration in the employment of the staff is the necessity of securing the highest standards of efficiency, competence, and integrity. Candidates will not be considered for employment with the United Nations if they have committed violations of international human rights law, violations of international humanitarian law, sexual exploitation, sexual abuse, or sexual harassment, or if there are reasonable grounds to believe that they have been involved in the commission of any of these acts. The term “sexual exploitation” means any actual or attempted abuse of a position of vulnerability, differential power, or trust, for sexual purposes, including, but not limited to, profiting monetarily, socially or politically from the sexual exploitation of another. The term “sexual abuse” means the actual or threatened physical intrusion of a sexual nature, whether by force or under unequal or coercive conditions. The term “sexual harassment” means any unwelcome conduct of a sexual nature that might reasonably be expected or be perceived to cause offence or humiliation, when such conduct interferes with work, is made a condition of employment or creates an intimidating, hostile or offensive work environment, and when the gravity of the conduct warrants the termination of the perpetrator’s working relationship. Candidates who have committed crimes other than minor traffic offences may not be considered for employment. Due regard will be paid to the importance of recruiting the staff on as wide a geographical basis as possible. The United Nations places no restrictions on the eligibility of men and women to participate in any capacity and under conditions of equality in its principal and subsidiary organs. The United Nations Secretariat is a non-smoking environment. Reasonable accommodation may be provided to applicants with disabilities upon request, to support their participation in the recruitment process. By accepting a letter of appointment, staff members are subject to the authority of the Secretary-General, who may assign them to any of the activities or offices of the United Nations in accordance with staff regulation 1.2 (c). Further, staff members in the Professional and higher category up to and including the D-2 level and the Field Service category are normally required to move periodically to discharge functions in different duty stations under conditions established in ST/AI/2023/3 on Mobility, as may be amended or revised. This condition of service applies to all position specific job openings and does not apply to temporary positions. Applicants are urged to carefully follow all instructions available in the online recruitment platform, inspira, and to refer to the Applicant Guide by clicking on “Manuals” in the “Help” tile of the inspira account-holder homepage. The evaluation of applicants will be conducted on the basis of the information submitted in the application according to the evaluation criteria of the job opening and the applicable internal legislations of the United Nations including the Charter of the United Nations, resolutions of the General Assembly, the Staff Regulations and Rules, administrative issuances and guidelines. Applicants must provide complete and accurate information pertaining to their personal profile and qualifications according to the instructions provided in inspira to be considered for the current job opening. No amendment, addition, deletion, revision or modification shall be made to applications that have been submitted. Candidates under serious consideration for selection will be subject to reference checks to verify the information provided in the application. Job openings advertised on the Careers Portal will be removed at 11:59 p.m. (New York time) on the deadline date.

No Fee

THE UNITED NATIONS DOES NOT CHARGE A FEE AT ANY STAGE OF THE RECRUITMENT PROCESS (APPLICATION, INTERVIEW MEETING, PROCESSING, OR TRAINING). THE UNITED NATIONS DOES NOT CONCERN ITSELF WITH INFORMATION ON APPLICANTS’ BANK ACCOUNTS.