OBJECTIVES OF THE PROGRAMME
The department of Information Management and Technology has an operational and strategic role. On the one hand, the department provides relevant, quality, reliable, and cost effective IT services in order for the Organization to achieve its health mandate. On the other hand, it aims to be a strategic enabler for WHO by creating partnerships with business units (administrative and health technical), capturing business needs, establishing and managing projects to address these requirements.The work of the department is categorized under the WHO's programme of Corporate services and enabling functions (Category 6) with specific focus on Effective management and administration established across the organization (6.4).The Cybersecurity team provides and develops secure and resilient digital assets which enable and advance WHO's mission.
DESCRIPTION OF DUTIES
- Conduct logging (users, applications, networks, systems, access to physical assets, etc.).
- Collect sources of intelligence (adversary behaviors, active incidents, national and international events, etc.).
- Perform security audits, application and infrastructure level vulnerability testing.
- Monitor logs and other sources of information (users, applications, networks, systems, access to physical assets, etc.). Develop solutions to help mitigate security vulnerabilities related to process, people and technology.
- Conduct situational awareness based on intelligence and threat information, and formulate and report an operational view of the external environment.
- Provide responsive information to Computer Security Incident Response Teams (CSIRT's) Conduct research to identify vulnerabilities and their impact, risk analysis, advise on criticality.
- Coordinate implementation of critical security updates.
- Manage Cybersecurity incident response related activities.
- Perform all other related duties as assigned.
University degree in Computer Science, IT Security, Information Security or a closely related field. One or more Industry certifications covering IT security such as CISSP, SSCP, CEH, GCIH or equivalent.
Desirable: One or more advanced Industry certifications covering IT security such as CISA, CISM, BS7799, ISO 27001:2005 Implementer; ITIL Service Management; Internationally recognized Project Management Certification such as PMP or Prince 2 are highly desirable.
- A minimum of 5 years IT experience which at least 2 years at the international level and five years focused on IT security. In-depth knowledge of the cybersecurity attack process and phases. Demonstrated track record of ethical behavior. Hands-on experience with the following: technical system access control capabilities; vulnerability scanning, firewall principles and administration (log types, rule attributes and understanding of security zones), network data collection and analysis (the use of WireShark/TShark etc as the analysis tool), antivirus; malware analysis, proxy, IDS/IPS, log correlation tools, SIEM, DLP, NAC. Forencics principles (following the order of volatility, establishing and maintaining Chain of Custody). Conducting forensic investigations and working with law enforcement and other regulatory bodies during and following an incident. Hands-on experience with security vulnerability assessment and incident and patch management Experience using Microsoft Office and Visio to create documents, presentations, and detailed drawings. Good technical writing, documentation, and communication skills are required. Experience in working across geographic and cultural boundaries.
Extensive experience in working across multiple time zones without the need for face to face meetings. Experience in ICT audit, compliance or governance. Experience working in an environment where work hours are scheduled shifts corresponding to forecasted activity. Experience working outside of core business hours, including early morning, late evening, overnight, weekends, and/or holidays as needed.
- Functional Skills and KnowledgePossession of a diverse IT background with demonstrated continued professional development training path. Advanced knowledge and extensive experience working with various hardware platforms, network protocols and services (SSH, HTTP/S, DNS, SMB, FTP, SMTP, SNMP, TCP/IP, ARP, OSPF etc), various Operating Systems, Identity and Access Management (IAM). Excellent technical knowledge of mainstream anti-malware solutions, automated policy compliance tools, and desktop security tools.
- Ability to adapt to rapidly changing technology and apply it to business needs.
- Strong analytical and problem solving skills.
- Strong team oriented interpersonal skills with a strong ability to interface wide variety of people and teams in a cross functional environment.Ability to articulate and enforce Organisation Policy. Experience analysing application behaviour.
- Essential Skills Advanced knowledge of ICT security standards, frameworks and best practices.
- Knowledge and understanding on the creation/implementation of secure networks, firewalls and intrusion-detection systems.
- Understanding common network attacks, attack methods, and network defence architectures.
- Defining, developing, and implementing new security components and integrations.
- Excellent knowledge of ICT security practices and industry trends, particularly those pertaining to information security.
- Proficiency in vulnerability assessments.
- In-depth knowledge and understanding of information risk concepts and principles.
- Knowledge of and experience in developing and documenting security architecture and plans.
- Good understanding of hacking or perimeter breach techniques and able to stay in tune with the changes in this area.
- Knowledge of the fundamentals of project management, and experience with creating and managing project plans, including budgeting and resource allocation in a cross-functional environment.
- In-depth knowledge of risk assessment methods and technologies.
- Strong understanding of business applications, including ERP and financial systems.
- Excellent understanding of WEB Application security and OWASP Top 10.
Use of Language Skills
- Expert knowledge of English.
- Beginners knowledge of French.