Unit Head, Open Systems and Security Unit (P-4)

Application Deadline:	17 June 2012
Type/Duration of Appointment:	Fixed term, 3 years (subject to a probationary period of 1 year)

Organizational Setting

The International Atomic Energy Agency (IAEA) is an independent United Nations organization headquartered in Vienna, Austria with 153 Member States and a staff of over 2300 members, serving as the global focal point for international cooperation in the safe and peaceful use of nuclear energy. The Division of Information Technology provides support to the IAEA in the field of information and communication technology (ICT), including information systems for technical programmes and management. It is responsible for planning, developing and implementing an ICT strategy, for setting and enforcing common ICT standards throughout the Secretariat and for managing central ICT services. The IAEA's ICT infrastructure comprises state-of-the-art hardware and software platforms located in a central data centre. The Division has implemented an IT service management model based on ITIL (IT Infrastructure Library), Prince2 (Projects in a Controlled Environment) and ISO 27002 (Information Security) best practices. The IT Infrastructure Services Section is responsible for providing highly available, high performance and secure system services to over 2300 internal and a growing number of external users and for managing the data centre. The data centre consists of over 200 Microsoft Windows servers, 40 Unix/Linux servers and 1 IBM mainframe. The system services include information security, content management, database administration, print, file, server hosting, storage and web services.

Main purpose

As a member of the ISS management team led by the Section Head, the Open Systems and Security Unit (OSSU) Head manages a team of 8-10 system engineers and security professionals. He/she leads the OSSU team and is responsible for providing technical leadership, resource management and related projects. The incumbent provides leadership for information security and comprehensive system monitoring in ISS with an emphasis on proactive measures. He/She advises on planning, design and implementation of security and monitoring systems. Furthermore he/she is responsible for sustaining adequate service support measures and controls to ensure the availability, performance, capacity and crisis recovery of the security and monitoring systems to meet the requirements of the organization.

Role

The OSSU Unit Head performs the roles of supervisor, security & monitoring expert and project manager.

Partnerships

The OSSU Unit Head builds and maintains collaborative working relationships with a broad variety of internal and external counterparts with a focus on: internal customers; team members in the Section and advisory boards to provide authoritative guidance on technical issues; IT solution development teams to ensure solutions are designed to comply with the IAEA IT infrastructure and are within capacity plans, and to approve deployment plans; other teams to design and implement secure and reliable systems; and, external hardware and software vendors to address maintenance issues and initiatives aimed at the introduction of new technologies in the IAEA.

Functions / Key Results Expected

Planning: support the Section Head in developing and implementing annual work and resource plans. Assess their applicability within the overall ICT strategy. Recognize and actively seek ways to secure and monitor the ISS assets and services. Leadership: provide OSSU with a clear direction, delegate work and motivate staff. Security Management: provide leadership, provide guidance by delivering a high/level security roadmap based on ISO 27002, develop, propose and recommend security solutions, implement appropriate procedural and technical access control mechanisms, perform security assessments, forensic analysis and vulnerability testing and make recommendations for corrective actions. Monitoring: provide leadership, develop, propose and recommend comprehensive infrastructure, system and security monitoring solutions, implement appropriate procedural and technical control mechanisms, perform security assessments and testing and make recommendations for corrective actions. Service Management: take overall responsibility for ensuring the availability, performance and security of services within agreed service levels. Lead the development of related procedures and standards for the IAEA-wide IT infrastructure. In particular sustain an adequate IT crisis recovery plan and exercise regime. Project Management: plan, monitor and control projects using the PRINCE2 methodology. Problem Solving: investigate and resolve problems for services within his/her own area of responsibility, delegate to team members as appropriate, following ITIL processes, manage major incidents and bring them to a satisfactory closure.

Knowledge, Skills and Abilities

Technical expertise: Thorough knowledge of IT infrastructure: Windows & Linux based systems, networking (e.g. Cisco) and information systems security principles, practices and technologies; Knowledge of at least some of the following technical fields is desirable: information security, monitoring systems, Firewall, IDS/IPS, Windows, Linux and networking (Cisco); Understanding of Internet protocols and services; Knowledge of the principles, practices and processes of ITIL for service management and PRINCE2 for project management or similar methodologies is desirable. Leadership and management skills: demonstrated ability to lead a team, providing clear direction, motivating staff, managing their performance appropriately and fairly, and dealing with possible conflicts. Excellent problem-solving skills. Good interpersonal skills with the ability to interact with customers and colleagues in a courteous and friendly manner and to work in a multicultural environment with sensitivity and respect for diversity. Results-orientation: positive goal-oriented attitude in the workplace.

Education, Experience and Language Skills

Advanced university (or equivalent) degree in computer science or a related field. Information systems security certification highly desirable. Minimum of seven years of professional experience as a systems and/or security engineer in a large and complex IT enterprise environment (200+ servers). These should include five years of hands-on configuration, administration and troubleshooting experience of operating. Extensive experience with infrastructure monitoring systems, tools and techniques (e.g. SCOM, Nagios). Extensive experience with security monitoring systems, tools and techniques (e.g. SIEM). Extensive experience in information security, including vulnerability testing and security assessments. Experience with backup/restore techniques & tools (e.g. NetBackup), IT crisis recovery planning and exercises. Experience in managing a team of specialized IT staff. Experience in IT service management (i.e. ITIL), supporting innovation and managing change. Experience with the formulation and delivery of IT projects (e.g. Prince2). Excellent knowledge of written and spoken English essential. Knowledge of German and/or other official IAEA languages (Arabic, Chinese, French, Russian, Spanish) an advantage.

Remuneration

The IAEA offers an attractive remuneration package including a tax-free annual net base salary starting at US $67 483 (subject to mandatory deductions for pension contributions and health insurance), a variable post adjustment which currently amounts to US $40 085*, dependency benefits, rental subsidy, education grant, relocation and repatriation expenses; 6 weeks' annual vacation, home leave, pension plan and health insurance. How to apply to the IAEA Complete an Online Application * Subject to change without notice

Applications from qualified women and candidates from developing countries are encouraged Applicants should be aware that IAEA staff members are international civil servants and may not accept instructions from any other authority. Staff members may be assigned to any location. The IAEA retains the discretion not to make any appointment to this vacancy, to make an appointment at a lower grade or with a different contract type, or to make an appointment with a modified job description or for shorter duration than indicated above. Testing may be part of the recruitment process.