Digital Security Assistant - Paris, France - UNESCO

UNESCO

Entreprise vérifiée

Paris, France

il y a 2 jours

Posté par:

Sophie Dupont

beBee Recruiter

Description

OVERVIEW

Post Number:
DBS 151

Grade:
G-5

Parent Sector:
Bureau for Digital Business Solutions (DBS)

Duty Station:
Paris

Job Family:
Computer Sciences / Information Technologies

Type of contract:
Fixed Term

Duration of contract: 2 years (Expected entry on duty on 01/01/2024)

Application Deadline (Midnight Paris Time): 16-JUN-2023

UNESCO Core Values:
Commitment to the Organization, Integrity, Respect for Diversity, Professionalism

Applicants must be entitled to live and work in France.

OVERVIEW OF THE FUNCTIONS OF THE POST

The post is located within the Bureau of Digital Business Solution (DBS), Digital Security, Archives and Digital Assets Section (SAA), Digital Security Team (DSE).

Under the overall authority of the Chief Information and Technology Officer (CITO) and under the direct supervision and guidance of the Senior Cybersecurity and Digital Assets manager (CISO), t he incumbent will be part of a small team with multiple functions and with daily working relations across the Secretariat.

In accordance with the general policies, rules and guidelines of UNESCO, t he incumbent is responsible for implementing cybersecurity human risk management and compliance activities, including (1) organization-wide and targeted security awareness training, (2) reporting and coordinating the phishing campaign simulations, and (3) coordination and communication aspects of the vulnerability management program.

Major Activities, Nature of the work

Main responsibilities include:

Under the supervision of the CISO, identify the needs, deploy, and supervise the delivery of security awareness trainings for all UNESCO employees to promote a culture of security within the organization.

Provide management with metrics and report to measure training impact and organizational compliance.

Coordinate phishing simulation campaigns to test and improve the organization's defenses against phishing attack. Ensure coordination with third party vendors. Contribute to the creation of original campaigned contextualized and adapted to the organization. Provide periodic metrics and reporting to the management.

Assist the CISO in managing communication with governance bodies, including security committees and working groups, follow up with audit recommendations.

Maintain security reporting and metrics to measure the effectiveness of security programs and to identify areas for improvement.

Assist the CISO in documenting and preparing presentations to management, sectors and programs, and field offices; supports the communication with governance bodies and maintains the audit recommendations register.

Support the Vulnerabilities Management program:

ensure the asset inventory is kept up-to-date, document the remediation plan and liaise with partners and project owners, document response and prepare monthly report for CISO and management.

Help the CISO in the production of regular and ad-hoc security reports and metrics, and support the communication with governance bodies and maintain the audit recommendation register.

Additional activities that may be required to ensure the success of the work team.

The Digital Security Assistant is expected to:
Do researches on the activities (particularly phishing and training) to come up with creative and realistic scenarios/ideas.

Work autonomously on recurring program delivery, under the supervision of the CISO and with the assistance of the Digital Security Team.

Play a key role in promoting awareness and education to mitigate this risk, joining the organization's high priority on cybersecurity strategy.

Have a strong team spirit, capability of knowledge sharing and flexibility are essential requirements for the implementation of the functions of the post.

COMPETENCIES (Core / Managerial) Accountability (C) Communication (C) Planning and organizing (C) Results focus (C) Teamwork (C) Professionalism (C) Knowledge sharing and continuous improvement (C) - For detailed information, please consult the UNESCO Competency Framework.

REQUIRED QUALIFICATIONS
Education

Completed secondary, technical and/or vocational education in the field of IT.

Work Experience

Five (5) years of work experience in the field of digital security, or higher education degree Bachelor in the field of digital security.

Skills and competencies

Utmost discretion and integrity.

Service-oriented and ability to deal efficiently and tactfully with people of different cultural backgrounds.

Attention to detail and meticulousness.

Judgment and ability to work autonomously.

Ability to take initiatives and provide quality and timely support services.

Good Knowledge of IT tools with proficiency in the use of MS Office (Outlook, Word, Excel, PowerPoint, etc.)

Languages

Excellent knowledge of English or French.

DESIRABLE QUALIFICATIONS
Certifications

Entry-level cybersecurity certification is a plus (Comptia Security+, Microsoft Technology Associate (MTA) Security Fu