Information Security Officer

Position description

The Office of Confidentiality and Security, is located within the Office of the Director-General.

The Operations Security Section is responsible for the provision of safe workplaces and the protection of OPCW assets.

The Confidentiality and Information Security Section is responsible for the protection of information and communications systems, and assists States Parties and the Secretariat with the implementation of the confidentiality regime.

General Information

Contract Type: Fixed-term Professional

Grade: P3

Total Estimated monthly remuneration depending on post adjustment and family status: USD 8,298

Closing Date: 13/11/2024

Responsibilities

Job Summary

The Office of Confidentiality (OCS) sets the framework, provides the guidelines, institutes the measures and implements the provisions necessary to guarantee and enforce the fulfilment of the stringent OPCW confidentiality regime; operational security of the Secretariat’s assets; the security of all its electronic systems; the confidentiality of all classified material and its safeguarding. Whilst the security regime for the protection of personnel, property, operations and information are the responsibility and main objectives of the OCS, more widely OCS delivers security management in support of all OPCW missions, investigations and activities.

The Confidentiality and Information Security Section is responsible for the implementation and management of the confidentiality regime and information security programme by exercising both advisory and oversight of all information security aspects of all business processes and information, communication, technology (ICT)-related functions and responsibilities.

Main Responsibilities

Under the general supervision of the Head Confidentiality and Information Security Section, the Information Security Officer is responsible for the following:

Coordinate all aspects of the OPCW information security programme with daily management and implementation of information and ICT security measures to ensure the preservation of the confidentiality, integrity and availability of OPCW’s information.

• Serve as an information security focal point at the detailed technical level for all information security related programmes and projects and advises the Head Confidentiality and Information Security on all information security related matters;
• Ensure compliance with the organisational and relevant industry standards (i.e., ISO 27001) is maintained for all ICT, data systems and assets;
• Develop and maintain information security related policies, procedures, standards, and guidelines for secure ICT to support the mandate of the OPCW by maintaining an adequate balance between effective confidentiality and information security controls and an efficient and unimpeded discharge of the OPCW’s tasks;
• Communicate and enforce information security policies, procedures, standards, and guidelines to all personnel and relevant stakeholders;
• Conduct and review security audits of ICT service providers, to include the full supply chain, in accordance with the relevant contractual agreements;
• Perform routine security monitoring of all networks (internet connected and non-internet connected), to include identification of critical functions and vulnerabilities in accordance with relevant policies and procedures;
• Collaborate with staff members of other branches/units and relevant stakeholders to provide guidance on confidentiality and information security requirements to ensure the Organisation is compliant with the security standards;
• Monitor user access across all networks ensuring access to confidential and sensitive information is in line with that authorised within the framework of relevant policies and procedures.
• Ensure ICT assets are managed and monitored for performance to ensure effective security measures are in place;
• Participate in activities related to changes to the organisation, business processes, information process facilities and systems to ensure internal controls are in place.

To view the complete job outline please click here (https://jobs.opcw.org/fiche-metier/fiche-Information-Security-Officer–P-3-_216.aspx?LCID=2057).

Qualifications and Experience

Education

Essential: 

• Advanced university degree in information security or related field;
• A first level university degree in any relevant subjects in combination with qualifying experience (minimum 7 years) may be accepted in lieu of the specified university degree.

Required Certification: 

• Relevant industry certifications (e.g., CISSP, CISM, CCSP, etc.)

Desirable Certification: 

CRISC, GIAC, Vendor certifications, network administration, etc. 

Knowledge and Experience

Essential:

At least 5 years of relevant working experience in the information security profession (minimum 7 years with a first level university degree) with significant experience in information security implementation, to include practical experience in:

• Designing ICT security solutions;
• Experience in incident monitoring and security investigations;
• Experience in assisting and conducting of security risk assessments;
• Experience in advising on and testing of security of ICT environments;
• Firewall administration and monitoring;
• Experience in the supervision of operations within secure environments and information processing systems;

Desirable: 

• Experience with certificate authority management, Microsoft Office 365 Security, Cloud security, and digital forensics;
• Experience in an international organisation.

Skills and Competencies

Abilities (key competencies):

• Knowledge of information security principles and best practices;
• nowledge of industry standards and frameworks (e.g., NIST, ISO 27001, etc.)
• Experience in the development and drafting of information security-related policies.
• Hands on experience in using information security tools and technologies (e.g., SIEM, IDS/IPS, antivirus, firewalls, etc.);
• Excellent analytical and conceptualisation skills and an ability to plan and organise complicated processes;
• Excellent inter-personal, interview and negotiation skills;
• Excellent communication skills, with a demonstrated ability to present information clearly and logically both verbally and in writing;
• Demonstrated ability to draft, edit and present documents/papers in the English language;
• Ability to act with discretion and tact in sensitive situations;
• Ability to work well in a team with people of different national/cultural backgrounds.

Other Skills:

• Diplomacy and demonstrated ability to work in an international organisation with diverse cultures.

Languages

Fluency in English is essential and a good working knowledge of one of the other official languages (Arabic, Chinese, French, Russian, and Spanish) is desirable.

Application instructions

Please be sure to indicate you saw this position on tendersglobal.net