Hardship Level (not applicable for home-based): H (no hardship)
Family Type (not applicable for home-based): Family
Staff Member / Affiliate Type: CONS International
Target Start Date: 2023-10-01
Job Posting End Date: August 30, 2023
Terms of Reference
GENERAL BACKGROUND OF THE ASSIGNMENT: In the recent years, The DER Digital Solutions Unit has been facing a growing number of security threats potentially affecting websites integrity and online brand/reputation.
The success of the UNHCR online web presence requires a proper websites’ security strategy to be defined and implemented.
The Digital Solutions Unit proposes to contract a Web Security specialist to define the security strategy involving vulnerability audits, penetration testing activities, and a long-term process including the development of business continuity and resilience plans.
WORKING ARRANGEMENT: Home-based, Working for 60 days in the duration of the 3 MONTHS contract, full-time.
MISSION: Travel Applicable
OVERALL SCOPE OF ASSIGNMENT: Responsibilities: \u2022\tImplement vulnerability testing, threat analyses, and security checks plan \u2022\tInvestigate security incidents, coordinate resolution and provide security solutions \u2022\tProvide recommendations to web developers and senior management \u2022\tAct as an infosec focal point to the CISO \u2022\tMaintain the websites security dashboard
Deliverables: For each project the following project management documentation will be produced: \u2022\tSecurity Plan \u2022\tVulnerability audit and penetration testing results, action plan and recommendations \u2022\tBusiness continuity and resilience Plans
ESSENTIAL MINIMUM QUALIFICATIONS AND PROFESSIONAL EXPERIENCE REQUIRED:
- Basic university degree in computer science or information technology or other related field combined with relevant work experience of between 13 and 18 years, or between 11 and 16 years with a Master’s degree.
- 5+ years of prior relevant experience.
- Experience with vulnerability scanning and penetration testing.
- Advanced certifications such as CEH, SANS GIAC/GCIA/GCIH, CISSP or CASP and/or SIEM-specific training and certification.
- Hands-on experience analyzing high volumes of logs, network data, and other attack artifacts in support of incident investigations.
- Proficiency with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, and Network Forensics.
- The candidate should be fluent in English (spoken and written).
- Experience in the UN system is a considerable advantage.
- Working knowledge of other UN languages is desired.
Standard Job Description: Required Languages: , ,
,
Additional Qualifications: Skills
Education
Certifications
Work Experience
Other information: Working remotely acceptableThis position doesn’t require a functional clearance