Under the direct supervision of the Head of the Security and Safety Division, the incumbent will ensure the security of information at the Court by developing, implementing and maintaining an organization wide, multi-faceted information security programme and related audit and control mechanisms. The postholder should have an adequate depth and breadth of knowledge of security investigations and information security practices and applications to ensure that the best updated practices are applied. S/he should be familiar with contemporary complex electronic and computer security systems. The postholder will be required to conduct complex investigations into information security violations. S/he will have the following duties:
- Drafting and establishing policies and procedures necessary to ensure the preservation of confidentiality, integrity and the continued availability of the information assets of the Court, while recognizing the impact on end users.
- Producing and maintaining an information centric threat assessment resulting in the identification and assessment of risks to the information assets of the Court, ensuring that the business processes address the information security risks.
- Defining technical and procedural security controls and audits in the realm of information security, addressing the protection of all information processed, whether electronically, verbally, via paper or any other format.
- Monitoring the implementation of all ICT-related security procedures; receiving and investigating security incident reports, assessing/reporting weaknesses in ICT security (i.e., access control, security of cables, maintenance and destruction of equipment, operating procedures, treatment of incidents, function separation, capacity planning, system acceptance, disaster recovery, change management, virus control, data handling, media handling, communication procedures, security of system documentation, authorization privileges, password use, backup security and handling, separation of networks, user identification, test procedures for hardware and software, etc.).
- Performing complex investigations into serious non ICT related information security violations.
- Developing a proactive approach to the Court’s applications and systems development by participating in ICT and information related projects and initiatives.
- Liaising with all business units responsible for information, personnel, physical and IT security in order to ensure consistency of security controls in relation to information assurance.
- Promoting staff accountability in managing information security risks through briefings and awareness initiatives, including the development and delivery of information security awareness training targeted at a wide range of users and situations.
- Performing other related duties as assigned by the Head of the Security and Safety Division.
Qualifications and requirements:
- Completion of higher secondary education, or equivalent diploma, combined with additional professional qualifications and/or technical certificates in information security, IT security, information management or information systems.
- A recognized information security certification is highly desirable (i.e., CISSP, CISA, CISM, ITIL).
- At least 7 years of progressively responsible experience in the field of information security in an international context, preferably with previous relevant service in an international organization. Provision of information security support in a judicial environment is highly desirable.
- Experience in implementing and/or auditing information security programmes based on ISO 27001/27002 and a knowledge of other security standards is highly desirable, as is experience in implementing, monitoring and auditing international information standards such as ISO 17799.
- The incumbent needs to possess strong technical (IT) security skills, matched with the ability to work across all facets of the information security area and combined with excellent written (drafting) and verbal communication skills.
- Ability to work in a multicultural environment.
- Fluency in French and English is required, the two official and working languages of the Court; knowledge of other official languages of the United Nations, as well as Dutch, would be an asset.
Depending on professional background, experience and family situation, a competitive compensation and benefit package is offered.
PLEASE NOTE THAT APPLICATIONS RECEIVED AFTER THE DEADLINE WILL NOT BE ACCEPTED
How to apply:
Applicants are requested to complete a United Nations Personal History Form (P.11) and to submit a cover letter.
All applicants are strongly encouraged to send their application by e mail, addressed to the Registrar of the Court, clearly indicating the vacancy announcement number.
Fax: +31 70 364 99 28
Only applications from candidates under serious consideration will be acknowledged.
The Registrar reserves the right not to appoint any candidate to the post, or to appoint one at a lower level or on the basis of a modified description. Applications that are found by the Court to meet the above criteria may be added to a reserve list in case a similar vacancy arises in the future.
|United Nations Personal History Form (P.11)|
|United Nations Salaries, Allowances, Benefits and Job Classification website|