Office of Information and Communications Technology Cyber Security Officer Jobs in Kenya

Office of Information and Communications Technology Cyber Security Officer Jobs in Kenya

Org. Setting and Reporting

The United Nations Office at Nairobi (UNON) is the UN headquarters in Africa and the Director-General of UNON is the representative of the Secretary-General in Kenya. UNON supports programme implementation of the United Nations Environment Programme (UNEP), the United Nations Human Settlements Programme (UN-Habitat), and the Resident Coordination System (RCS) globally, as well as other UN offices in Kenya, by providing administrative, security, conference and information services (www.unon.org).

The incumbent of this Nairobi-based position will primarily report to the Chief, Information Communications and Technology Services (ICTS), Division of Administrative Services (DAS), United Nations Office at Nairobi (UNON).

Additional supervision will be provided by the New York-based Chief, Cybersecurity Service (CSS), Office of Information and Communications Technology (OICT). The Cyber Security Officer is responsible for conducting evaluations/assessments of information and communication technologies (ICT) systems and projects to determine compliance with established cyber security policies and procedures.

The Cyber Security Officer recommends, reviews, and validates information security controls and manages the planning and implementation of projects and operational activities that are related to information security compliance and information risk management. The Office of Information and Communications Technology (OICT) is leading the digital transformation of the Organization to enable a better, safer, more sustainable future through secure, reliable, and innovative technology solutions.

Responsibilities

Within limits of delegated authority, the Cyber Security Officer will be responsible for the following duties:

Design, implement, and monitor cyber security systems of controls in place to ensure that the Organization complies with applicable UN internal regulatory and compliance requirements.

Provide guidance on designing, implementing, auditing, and conducting compliance testing activities to ensure adherence to cyber security compliance requirements.

Provide guidance in the design and implementation of applicable cyber security frameworks, and ensure its policies, processes, procedures, and controls are appropriately mapped to relevant UN internal regulatory and compliance requirements.

Continuously assess the efficiency and effectiveness of control systems, recommend necessary remediations and propose steps for improvements to ensure ongoing compliance.

Develop the organisation's vulnerability management strategy.

Develop procedures for the organisation on patch and vulnerability management, including automated patch deployment, assessment procedures, and procedures for remediation.

Coordinate with appropriate teams to ensure prioritization of patching and mitigations to vulnerabilities.

Contribute to the development of the organisation's cyber security strategy, policy, and procedures in consultation with senior management and legal team, as necessary.

Provide guidance in the discussions regarding existing initiatives from security, compliance, and risk perspectives.

Routinely monitor and validate information security controls to ensure compliance with mandatory requirements, identify irregularities, risks, and potential weaknesses, and use this insight to develop and implement best practices and process improvements for the organisation's information systems.

Develop monitoring methods to track and evaluate compliance efforts, e.g., dashboards.

Participate in review of the cyber security programmes in collaboration with risk and governance and provide advice to ensure their alignment with organisational requirements.

Provide security guidance and advice to users and ICT specialists to ensure the cyber security of the organisation and achieve compliance.

Coordinate with external security auditors and penetration testers to verify security of information systems and to identify and remedy vulnerabilities.

Act as the main focal point for the coordination of required activities to address security vulnerabilities.

Prepare concise reports based on penetration test outcomes to communicate remediation

recommendations to relevant stakeholders.

Train staff on security processes and procedures and actively participate in the security response process.

Monitor compliance of identity and access management (IAM) with access control policy and relevant technical procedures.

Keep abreast of the current and emerging security issues, risks, threats, vulnerabilities, and advancements in cyber security techniques and technologies.

Competencies

Professionalism: Knowledge in cyber security management controls including cyber security policies, standards, and processes. Knowledge of cyber security industry standards, methodologies and frameworks, and ability to adapt and integrate subsequent changes. Knowledge of current and emerging cyber security threat landscape, attack methodologies, tools, technologies, and mitigation / remediation methods. Skill in designing and implementing a cyber security strategy. Analytical thinking skills.

Planning and Organizing: Develops clear goals that are consistent with agreed strategies. Identifies priority activities and assignments; Adjusts priorities as required. Allocates appropriate amount of time and resources for completing work. Foresees risks and allows for contingencies when planning. Monitors and adjusts plans and actions as necessary. Uses time efficiently.

Client Orientation: Considers all those to whom services are provided to be "clients" and seeks to see things from clients' point of view. Establishes and maintains productive partnerships with clients by gaining their trust and respect. Identifies clients' needs and matches them to appropriate solutions. Monitors ongoing developments inside and outside the clients' environment to keep informed and anticipate problems.

Education

Advanced university degree (Master's degree or equivalent degree) in computer science, information systems, mathematics, statistics, information security, cyber security, or a related field.

A first-level university degree in combination with two additional years of qualifying experience may be accepted in lieu of the advanced university degree.

Successful completion of both degree and non-degree programs in data analytics, business analytics or data science programs is desirable.

Job - Specific Qualification

An active certificate in Information Security (e.g., CISM, CISSP) or equivalent is desirable and may be accepted as substantiation of candidates’ proficiency in the requisite knowledge, skills, and abilities for this position.

Work Experience

A minimum of seven years of progressively responsible experience using knowledge and skills indicated below with the phrase is required should be evident in the employment details in the application.

Use of knowledge in cyber management control including cyber security policies, standards and processes are required.

Use of knowledge of cyber security industry standards, methodology and frameworks, and ability to adapt and integrate subsequent changes is required.

Use of skill in designing and implementing a cyber security strategy is desirable.

1 year or more of experience in data analytics or related area is desirable.

Languages

English and French are the working languages of the United Nations Secretariat. For the position advertised, fluency in English is required. Knowledge of another official United Nations language is desirable.

How to Apply

For more information and job application details, see; Office of Information and Communications Technology Cyber Security Officer Jobs in Kenya

Find jobs in Kenya. Jobs - Kenya jobs. Search our career portal & find the latest Kenyan job positions, career opportunities & jobs in Kenya.

Jobs in Kenya - banking jobs, IT jobs, accounting jobs, NGO jobs, business administration, ICT, UN jobs, procurement jobs, education jobs, hospital jobs, human resources jobs, engineering, teaching jobs, and other careers in Kenya.

Find your dream job from 1000s of vacancies in Kenya posted and updated daily - click here!