特别公告

The United Nations Joint Staff Pension Fund (UNJSPF) is an independent inter-agency body established by the United Nations General Assembly. The applicable human resources procedures are governed by a Memorandum of Understanding (MoU) between the Fund and the UN Secretariat.

Any candidate from a member organization of the UNJSPF applying for this post is considered as an internal candidate provided he/she has been appointed through the appointment and promotion procedures applicable in his/her respective organization.

Staff members are subject to the authority of the Secretary-General and to assignment by him or her. In this context, all staff are expected to move periodically to new functions in their careers in accordance with established rules and procedures.

Appointment at the United Nations is subject to mandatory adherence to the United Nations Financial Disclosure Programme.


UN Considerations:

Job openings posted on the Careers Portal are taken off at midnight (New York time) on the deadline date.

Applications are automatically pre-screened according to the published evaluation criteria of the job opening on the basis of the information provided by applicants. Applications cannot be amended following submission and incomplete applications shall not be considered. The selected candidate will be subject to a reference checking process to verify the information provided in the application.

Applicants are urged to follow carefully all instructions available in the online recruitment platform, inspira. For more detailed guidance, applicants may refer to the At-a-Glance on "The Application Process" and the Instructional Manual for the Applicants, which can be accessed by clicking on “Manuals” on the upper right side of the browser on Inspira.

The United Nations shall place no restrictions on the eligibility of men and women to participate in any capacity and under conditions of equality in its principal and subsidiary organs. (Charter of the United Nations - Chapter 3, article 8). The United Nations Secretariat is a non-smoking environment.

Candidates will be required to meet the requirements of Article 101, paragraph 3, of the Charter as well as the requirements of the position. The United Nations is committed to the highest standards of efficiency, competence and integrity for all its human resources, including but not limited to respect for international human rights and humanitarian law. Candidates may be subject to screening against these standards, including but not limited to whether they have committed, or are alleged to have committed criminal offences and/or violations of international human rights law and international humanitarian law.

设置和报告

This position is located in the Information Management Systems Service (IMSS) in the United Nations Joint Staff Pension Fund (UNJSPF).

The mandate of this team is to protect UNJSPF data and systems from unlawful and malicious acts by unknown sources, through a combination of policy development and enforcement, corrective actions, security projects and monitoring of staff and systems used to transport and store UNJSPF data.

The Information Systems Officer (IT Security Officer) reports to a Senior Information Systems Officer (IT Security Officer).

工作内容

Within limits of delegated authority, the Information Security Officer is responsible for the following duties:

• Participates in the review and development of information security policies, and related standards and guidelines.
•Coordinates the implementation local information security policies. Ensures promotion and enforcement of these policies.
•Manages projects involving feasibility studies, systems analysis, design, development and implementation of new, moderately complex systems, and/or, participates as a member of a development team with responsibility for major components of the more complex systems.
•Develops detailed system and other functional specifications and user documentation for major systems.
•Provides leadership, vision, and direction on information security to the ICTS staff and Senior Management. Oversees and coordinates all aspects of alignment of the ICTS’ Information Security Management System (ISMS) with ISO 27001.
•Develops and maintains the information security management system, including information risks across the Organization. Establishes an information security and risk management functional capability and framework across the organization. Establishes processes to respond in a timely and proactive manner to significant information security breaches.
•Conducts information security risk assessments across the enterprise at suitable intervals. Ensures that key risk issues are understood, communicated, and tracked as required. Regularly verifies that required information security and risk controls are in place, raising findings as noncompliance is found and driving improvement.
•Monitors, manages, and deploys security controls as appropriate to support business needs while minimizing risk. Oversees the close management and analysis of security information and events.
•Develops training materials, operating and user manuals; trains staff in assigned systems.
•Develops disaster recovery plans and ensures appropriate planning and training of those responsible.
•Researches, analyzes and evaluates new technologies and makes recommendations for their deployment.
•Participates in writing reports and papers on systems-related topics, system requirements, information strategy, etc.
•Facilitates communications between UNJSPF and its clients for good client relations. Serves as coordinator in the development of Service Level Agreements (SLAs) between the client and UNJSPF, for either specific IT services or general technology support, including any charge back mechanisms.
•Handles all aspects of contract administration including establishment of service level agreements with vendors and chargeback policy for users.
•Provides expert advice on the security architecture and configuration of complex systems.
•Provides guidance to, and may supervise, new/junior staff, consultants, etc.

工作要求

• PROFESSIONALISM: Knowledge of information technology/information management, particularly in systems analysis, database design and programming. Knowledge of the enterprise information security architecture discipline, processes, concepts, and best practices. Knowledge of technological trends and developments in the area of information security and risk management. Knowledge of firewalls, anti-virus, intrusion detection/intrusion prevention systems, virtual private networks, remote access systems, network zoning, centralized monitoring, and application scanning. Strong analytical and problem-solving skills. Knowledge of organization’s information infrastructure and IT strategy as it relates to information management and information security; develops innovative approaches to resolve a wide range of issues/problems.Conceptual and strategic analytical capacity to understand information system and business operational issues so as to thoroughly analyze and evaluate critical systems matters. Knowledge of IT Service Management best practices and information security and risk control frameworks such as COBiT, ISO 27001, ISO 31000. Shows pride in work and in achievements; demonstrates professional competence and mastery of subject matter; is conscientious and efficient in meeting commitments, observing deadlines and achieving results; is motivated by professional rather than personal concerns; shows persistence when faced with difficult problems or challenges; remains calm in stressful situations. Takes responsibility for incorporating gender perspectives and ensuring the equal participation of women and men in all areas of work.

• PLANNING & ORGANIZING: Develops clear goals that are consistent with agreed strategies; identifies priority activities and assignments; adjusts priorities as required; allocates appropriate amount of time and resources for completing work; foresees risks and allows for contingencies when planning; monitors and adjusts plans and actions as necessary; uses time efficiently.

• ACCOUNTABILITY: Takes ownership of all responsibilities and honours commitments; delivers outputs for which one has responsibility within prescribed time, cost and quality standards; operates in compliance with organizational regulations and rules; supports subordinates, provides oversight and takes responsibility for delegated assignments; takes personal responsibility for his/her own shortcomings and those of the work unit, where applicable.

专业要求

Advanced university degree (Master’s degree or equivalent degree) in computer science, information systems, mathematics, statistics or related field. A first-level university degree in combination with two additional years of qualifying experience may be accepted in lieu of the advanced university degree. Formal certification in information systems security, such as CISM, CCISP, CISSP or equivalent is required. Formal certification in project management methodology (such as Prince2) and in ITIL or equivalent is desirable.

工作经验

A minimum of five years of progressively responsible experience in planning, design, development, implementation and maintenance of computer information systems or related area. Experience in managing IT projects and resources is required. Experience in information security architecture and in implementing an information security program is desirable.

语言要求

English and French are the working languages of the United Nations Secretariat. For this position fluency in English is required; knowledge of another official UN language is desirable.

评估

Evaluation of qualified candidates may include an assessment exercise which may be followed by competency-based interview.

联合国方面的考虑

According to article 101, paragraph 3, of the Charter of the United Nations, the paramount consideration in the employment of the staff is the necessity of securing the highest standards of efficiency, competence, and integrity, including but not limited to, respect for international human rights and humanitarian law. Candidates may be subject to screening against these standards, including but not limited to, whether they have committed or are alleged to have committed criminal offences or violations of international human rights law and international humanitarian law.

Due regard will be paid to the importance of recruiting the staff on as wide a geographical basis as possible. The United Nations places no restrictions on the eligibility of men and women to participate in any capacity and under conditions of equality in its principal and subsidiary organs. The United Nations Secretariat is a non-smoking environment.

Applicants are urged to follow carefully all instructions available in the online recruitment platform, inspira. For more detailed guidance, applicants may refer to the At-a-Glance on "The Application Process" and the Instructional Manual for the Applicants, which can be accessed by clicking on “Manuals” hyper-link on the upper right side of the inspira account-holder homepage.

The screening and evaluation of applicants will be conducted on the basis of the information submitted in the application according to the evaluation criteria of the job opening and the applicable internal legislations of the United Nations including the Charter of the United Nations, resolutions of the General Assembly, the Staff Regulations and Rules, administrative issuances and guidelines. Applicants must provide complete and accurate information pertaining to their personal profile and qualifications, including but not limited to, their education, work experience, and language skills, according to the instructions provided on inspira. Applicants will be disqualified from consideration if they do not demonstrate in their application that they meet the evaluation criteria of the job opening and the applicable internal legislations of the United Nations. Applicants are solely responsible for providing complete and accurate information at the time of application: no amendment, addition, deletion, revision or modification shall be made to applications that have been submitted. Candidates under serious consideration for selection will be subject to a reference-checking process to verify the information provided in the application.

Job openings advertised on the Careers Portal will be removed at midnight (New York time) on the deadline date.