ICT Analyst Cybersecurity

nearmejobs.eu

Job Description

The Information and Communication Technology Section (ICTS) is responsible for the running operations of all ICT on-premises and cloud datacentres, cloud platforms and services, business applications, corporate websites, helpdesk, videoconferences, security services, hardware, software, network, and telecommunications services. This includes application system analysis, design, development and maintenance, local and global telecommunication networks, commercial hardware and software installation and operation (at both desktop and network levels), internet, and email. ICTS is also providing network and support services to other UN Agencies in UN Bonn Campus. ICTS is working in close collaboration with UNDP ITM department.

Duties and Responsibilities:

Under the Supervision of the Team Leader ICT Infrastructure, the ICT Analyst, Cybersecurity is responsible for comprehensive incident handling in accordance with policy and guidelines which includes how incidents are defined, reported, verified, tracked, contained, and recovered. Specifically, the incumbent will be involved with:

Developing solutions to automate cybersecurity tasks:

Maintaining a variety of cloud-native security solutions, including but not limited to: Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), develop automation pipelines and custom scripts to reduce manual labour and minimize human error.
Monitoring and evaluating events, alerts, and notifications from the cyber security infrastructure for indications of suspicious/unauthorized activity.
Responding to detected or reported cyber security incidents.
Monitoring vendor and industry alerts, warnings, and security advisories, and follow up with appropriate system and service owners within the organization to ensure that corresponding risks are mitigated.
Promoting security best practices and plan security awareness trainings.
Collaborate with development teams to integrate security best practices into all phases of the SDLC.
Conduct security risk assessments, code reviews, and vulnerability assessments for UNV applications.
Develop (where not exist) and enforce UNDP security policies, standards, training and guidelines for team members and staff.
Perform threat modeling and security architecture reviews to identify potential risks.
Coordinate vulnerability scans with provider(s)
Coordinate “Red Teaming” exercises with all stakeholders.
Ensure incident response readiness for all UNV services.
Lead initiatives to improve overall UNV Cybersecurity posture, including automation of security testing.
Keep an update inventory of UNV digital assets and make sure all measures are taken to make them available to legitimate authorized users and untampered with (Availability, Confidentiality, Integrity).
Coach Application owners, Data owners, and Service owners on Backup and restore procedures and business continuity measures.
Work closely with UNDP security team to implement ISO27001/2 Information Management certification for UNV.
The incumbent performs other duties within their functional profile as deemed necessary for the efficient functioning of the Office and the Organization.

Required Skills and Experience:

Education:

Advanced university degree (master’s degree or equivalent) in Information Technology, Computer Science or Engineering, or related discipline is required. Or
A first-level university degree (bachelor’s degree) in the areas mentioned above, in combination with an additional two years of qualifying experience will be given due consideration in lieu of the advanced university degree.

Experience:

Applicants with a master’s degree (or equivalent) in a relevant field of study are not required to have professional work experience.
Applicants with a bachelor’s degree (or equivalent) are required to have a minimum of two (2) years of relevant professional experience in the areas of data management, computer science, DevOps, or related field at national or international level.

Language: