Apply now »

Associate Digital Security Officer

OVERVIEW

Post Number : DBS 194

Grade : P-2

Parent Sector : Bureau for Digital Business Solutions (DBS)

Duty Station: Paris

Job Family: Computer Sciences / Information Technologies

Type of contract : Fixed Term

Duration of contract : 2 years, renewable

Recruitment open to : Internal and external candidates

Application Deadline (Midnight Paris Time) : 20-Mars-2025

 

UNESCO Core Values: Commitment to the Organization, Integrity, Respect for Diversity, Professionalism

 

OVERVIEW OF THE FUNCTIONS OF THE POST

This post is located within the Bureau of Digital Business Solution (DBS), under the direct supervision of the Head of Digital Security, Archives and Digital Assets Section. The overall objective of the role is to ensure the smooth ongoing operation of cybersecurity activities within UNESCO’s Digital Security team. 

 

The Associate Digital Security Officer will significantly engage and interact with internal and external IT technical teams and cybersecurity specialists. He/she works with the Digital Security Team and provides relevant and contextualized technical information to efficiently respond to incident, enhance organizational’ s resilience, and improve the cybersecurity posture of the Organization overall. The Associate Digital Security Officer will be a key part of a dynamic team kickstarting a major overhaul of IT infrastructure to support UNESCO’s accelerating digital transformation and move to the cloud.   

 

The work involves a range of assignments related to the development and maintenance a secure IT infrastructure and digital solutions, with the objective of ensuring reliability, resilience and compliance to protect UNESCO against external and internal cybersecurity threats.  

Long Description

The main responsibilities of the role are as follows: 

 

  • Manage Security Operations: Provide smooth and effective information security operations, ensuring the timely evolution of capability and adopting industry best practices; provide regular reporting to the Chief Information Security Officer. Maintain an up-to-date cartography of all resources, equipment and software ensuring optimum protection and detection against the main threats. Contribute to evaluating new security software, products, and services.
  • Supervise security monitoring and manage incident response: Manage the relationship and act as the main contact with the managed security service provider (SOC), ensuring compliance with the contract, and the relevance and responsiveness of the actions performed. In collaboration with the provider, manage information security incident response, investigate, take appropriate corrective actions to prevent future similar security breaches and provide thorough post-event analyses.  
  • Monitor security policy compliance: Exercise an advice and control function to ensure that UNESCO IT products and services comply with corporate security policies. Conduct regular security audits and risk assessments including developing scripts and solutions to review the security configuration of digital assets, propose and implement appropriate remediation measures to safeguard the information security posture of the Organization. Ensure that all products are configured according to vendors recommendations and best practices from an information security point of view. Monitor patch management frequency and scheduling, advise operational teams.
  • Other activites, for example: Keep abreast of and evaluate information security innovation, solutions, trends and Best Practices to respond to the continually evolving need to protect the digital assets of the Organization. 
    Support the drafting and implementation of digital security policies aligned to the risk tolerance of the Organization. Advise on digital security related matters as necessary.

COMPETENCIES (Core / Managerial)

Communication (C)
Accountability (C)
Innovation (C)
Knowledge sharing and continuous improvement (C)
Planning and organizing (C)
Results focus (C)
Teamwork (C)
Professionalism (C)

-

For detailed information, please consult the UNESCO Competency Framework.

REQUIRED QUALIFICATIONS

Education 

  • An advanced university degree (master’s or equivalent) in computer sciences, information security, information technology or a related field.

 

Work Experience  

  • At least two (2) years of relevant professional experience and proven capacity in threat analysis and security incident response, of which preferably 1 year acquired at international level.

 

Skills and Competencies 

  • In-depth knowledge and understanding of application security, cloud security (particularly Microsoft Azure), and systems security, as well as security solutions.
  • Good knowledge of operating systems, Windows and Linux, as well as networking protocols.
  • Broad knowledge of current and emerging technologies, industry trends and best practices together with demonstrated experience evaluating their strategic value.
  • Analytical skills and the ability to effectively troubleshoot and prioritize needs, requirements and other issues.
  • Good communication skills.

 

Languages 

  • Excellent knowledge (written and spoken) of English or French and good knowledge of the other language.

DESIRABLE QUALIFICATIONS

Education 

  • Professional Certifications in Comptia Sec+, Network+, CEH or Azure Security Engineer would be an asset.

 

Work experience 

  • Experience in an international and cross-cultural setting would be preferable.

 

 

Languages

  • Knowledge of another official language of UNESCO (Arabic, Chinese, Russian or Spanish).

BENEFITS AND ENTITLEMENTS

UNESCO’s salaries consist of a basic salary and other benefits which may include if applicable: 30 days annual leave, family allowance, medical insurance, pension plan etc.

The approximate annual starting salary for this post is 78 717 US $.

For full information on benefits and entitlements, please consult our Guide to Staff Benefits.

Footer

UNESCO recalls that paramount consideration in the appointment of staff members shall be the necessity of securing the highest standards of efficiency, technical competence and integrity. UNESCO applies a zero-tolerance policy against all forms of harassment. UNESCO is committed to achieving and sustaining equitable and diverse geographical distribution, as well as gender parity among its staff members in all categories and at all grades. Furthermore, UNESCO is committed to achieving workforce diversity in terms of gender, nationality and culture. Candidates from non- and under-represented Member States (last update here) are particularly welcome and strongly encouraged to apply. Individuals from minority groups and indigenous groups and persons with disabilities are equally encouraged to apply. All applications will be treated with the highest level of confidentiality. Worldwide mobility is required for staff members appointed to international posts.

UNESCO does not charge a fee at any stage of the recruitment process.

Please note that UNESCO is a non-smoking Organization. 

SELECTION AND RECRUITMENT PROCESS

Please note that all candidates must complete an on-line application and provide complete and accurate information. To apply, please visit the UNESCO careers website. No modifications can be made to the application submitted.

The evaluation of candidates is based on the criteria in the vacancy notice, and may include tests and/or assessments, as well as a competency-based interview. 

UNESCO uses communication technologies such as video or teleconference, e-mail correspondence, etc. for the assessment and evaluation of candidates.

Please note that only selected candidates will be further contacted and candidates in the final selection step will be subject to reference checks based on the information provided.

Apply now »