Header

ITU Head, ICT Security

ITU is the leading United Nations agency for information and communication technologies, with the mission to connect the world. To achieve this, ITU manages the radio-frequency spectrum and satellite orbits at the international level, works to improve communication infrastructure in the developing world, and establishes global standards that foster seamless interconnection of a vast range of communication systems. ITU also organizes global Telecom events bringing together the most influential representatives of government and the private sector to exchange ideas and knowledge for the benefit of all.
 
VACANCY NOTICE Nº  ITU/SG/IS/2012/P53
Date of Issue: 24 September 2012
Currently accepting applications
Applications from women are encouraged
Functions: Head, ICT Security Post Number: IS12/P5/796
Deadline for Applications (23.59 Geneva CH) : 26 November 2012
(58 day(s) until closing deadline)
Duration of Contract:  2 years  
Type of Appointment: Fixed-Term Appointment Duty Station:  Geneva, Switzerland
Grade: P5
 
Organ:
The General Secretariat directs all the administrative and financial aspects of the Union's activities, including the implementation of the provisions of the administrative regulations on operational questions, the dissemination of information on telecommunication matters for operational and other purposes, the provision of legal advice to the Bureaux of the Union and the departments of the General Secretariat, logistic support to the Union's activities including conferences, the coordination of the work of the Union with other international organizations, the dissemination of information to the Member States and Sector Members, press, corporate and individual users of telecommunications and the general public. The General Secretariat is also responsible for the organization of world telecommunication exhibitions and forums.
Organization Unit:
Within the General Secretariat, the Information Services Department (IS) is the focal point for the ITU information technology infrastructure which includes standards, user support and training, communication services (postal mail, voice, image, video, data), network services (file, print and computing), information exchange services (messaging, database, document base), desktop services (office productivity tools), administrative applications and software development environments. The Information Services Department manages the physical, human and organizational resources needed to design, deploy, operate, maintain and support the ITU information infrastructure. It also represents ITU in inter-organization meetings and committees related to information technology management.
 Duties / Responsibilities
Under the direction of the Chief, Information Services Department, the incumbent provides leadership for the overall strategy, policy development, risk assessments, communications and awareness efforts of the ICT security program. In particular, the incumbent:
  • Provides expert advice to the Chief, IS Department and works with executive management to determine acceptable levels of risk for the organization.
  • Designs and implements the program for risk assessment, security assurance (compliance/validation) and security monitoring. Coordinates the IS Department risk register.
  • Works proactively with IS Department management and operational staff on Information Security to:

    • Set common vision, objectives, strategies, principles for information security throughout the organization;
    • Ensure that the ICT strategy and architecture take into account information security requirements;
    • Develop, maintain and publish corporate information security standards, policies, procedures and guidelines;
    • Develop a security awareness program for ITU staff;
    • Protect the integrity, confidentiality and availability of information;
    • Guide the utilization of common management tools;
    • Oversee all common information security investments;
    • Put in place a coherent security architecture, meeting security requirements while responsive to businesses requirements;
    • Collaborate on the approaches needed to secure the organization and facilitate sharing of advice and knowledge (expertise).
  • Works with IS Department divisions to research, evaluate, design, test, recommend and plan implementation of new or improved information security hardware/software and procedures.
  • Works towards improving the organizational security architecture in order to achieve standardization over time.
  • Leads the IS Department information security team to ensure effective incident response.
  • Conducts ICT security audits to assess compliance with existing policy and procedures and recommend improvements to application and systems security and controls.
  • Represents ITU in inter-agency information security initiatives (e.g., the CEB ICT Network Information Security Special Interest Group); works closely with ICT Security Officers in the UN and other international organizations to improve organizational security practices through joint efforts and the adoption of best practices and liaises with vendors, partners, and consultants as required to stay abreast of industry trends, evaluate potential solutions, and leverage external expertise.
  • Performs any other duties which may be assigned to him/her.
  • Qualifications required
    Education:
    Advanced university degree in information technology, Information Security Management, systems engineering or a related field OR education in a reputed college of advanced education with a diploma of equivalent standard to that of an advanced university degree in one of the fields above. For internal candidates, a first university degree in one of the fields above in combination with fifteen years of qualifying experience may be accepted in lieu of an advanced university degree for promotion or rotation purposes.
    Experience:
    At least ten years of progressively responsible experience in Information Security Management, including at least five at the international level. A Doctorate in a related field can be considered as a substitute for three years of working experience.
    Languages:
    Knowledge of one of the six official languages of the Union (Arabic, Chinese, English, French, Russian, Spanish) at advanced level and knowledge of a second official language at intermediate level. Knowledge of a third official language would be an advantage. (Under the provisions of Resolution No. 626 of the Council, a relaxation of the language requirements may be authorized in the case of candidates from developing countries: when candidates from such countries possess a thorough knowledge of one of the official languages of the Union, their applications may be taken into consideration).
    Competencies:
  • Internationally-recognized certifications in Information Security such as ISC2 CISSP® - Certified Information Systems Security Professional, ISC2 CISSP®-ISSMP®: Information Systems Security Management Professional, or ISACA CSM: Certified Information Security Manager, are highly desirable.
  • Ability to formulate policies, procedures and to introduce new working methods and to communicate changes in an international organization.
  • Excellent analytical skills and the ability to document problems, assess impact and mitigate resolution of issues in a clear and concise manner.
  • Effective time management skills and multi-tasking capabilities; ability to work independently and effectively all at levels of a collaborative team environment.
  • Excellent communication skills (writing, speaking, negotiation and presentation).
  • Knowledge and understanding of relevant UN organizational structures, business processes, policies and procedures.
  • Excellent organizational skills including the ability to work under pressure.
  • Have a high sense of responsibility and integrity, and display initiative, commitment and diplomacy.
  • Remuneration
    Annual Salary: (Net of Tax)
    156,420.- USD - 189,835. - USD without dependants
    168,375. - USD - 206,362.- USD with dependants


    Applicants will be contacted directly if selected for written test. Interviews may be used as a form of screening.

    For further information concerning the Conditions of Employment please click the following link
    Head, ICT Security