Information Systems Assistant at United Nations Office at Nairobi

Job Description

Responsibilities
Under the general guidance of the Chief, UNON/ICTS/ICS and the direct supervision of the Information Security Officer the incumbent will perform the following duties:

1. Information Security Support:
• Act as focal point for receipt and processing of information security user requests/incidents.
• Provide basic Information Security technical support on relevant hardware and software systems applications in assigned area.
• Install application systems software and hardware according to specifications.
• Provide basic support in integrating Information Security in planning, design, development, implementation and maintenance of customized application software systems; work with senior IT staff on the definition and specification of security controls requirements; reviews security controls of prototype application software based on detailed instructions.
• Assist to perform regular vulnerability assessments of production systems to identify weaknesses and propose the action needed for security updates and fixes, analysis of intrusion alerts and review the UNON network operating system.
• Assist in identifying, prioritizing, and coordinating the protection of critical cyber defense infrastructure and key resources; analyzing network traffic to identify anomalous activity and potential threats to network resources.

2. Network Administration:
• Support the maintenance of data security projects with emphasis in network security, monitoring, resourcing, and other UN standard technologies.
• Participate in security incident response activities.
• Maintain regular contact with users and technical staff in user offices and provides support as required.

3. Technology Research:
• Conduct research on new technologies as requested.
• Participate in testing and evaluating new tools and technologies and making recommendations on the adaptation of such tools to the immediate supervisor.
• Keep abreast of developments in information systems and technology.

4. Perform other related duties as required.

Competencies
PROFESSIONALISM: Knowledge of information technology, including information security and computer system networks. Knowledge of information technology security architecture across a variety of platforms and tools and techniques used for threat and risk assessment. Ability to respond to changing requirements and assignments, ability to apply good judgment in the context of assignments given. Shows pride in work and in achievements. Demonstrates professional competence and mastery of subject matter. Is conscientious and efficient in meeting commitments, observing deadlines and achieving results. Is motivated by professional rather than personal concerns. Shows persistence when faced with difficult problems or challenges. Remains calm in stressful situations. Commitment to implementing the goal of gender equality by ensuring the equal participation and full involvement of women and men in all aspects of work.

TEAMWORK: Works collaboratively with colleagues to achieve organizational goals. Solicits input by genuinely valuing others’ ideas and expertise. Is willing to learn from others. Places team agenda before personal agenda. Supports and acts in accordance with final group decision, even when such decisions may not entirely reflect own position. Shares credit for team accomplishments and accepts joint responsibility for team shortcomings.

TECHNOLOGICAL AWARENESS: Keeps abreast of available technology. Understands applicability and limitation of technology to the work of the office. Actively seeks to apply technology to appropriate tasks. Shows willingness to learn new technology.

Education
Completion of Secondary education is required. Certifications in Information Security (such as certifications issued by organizations including ISC2, GIAC, ISACA, and Offensive Security) are desirable.

Job – Specific Qualification
Certified Ethical Hacker (CEH) certification is required. Please confirm if you have the certification, and if yes, attach a copy. Certification in Windows/Linux Forensics is desirable. Please confirm if you have the certification, and if yes, attach a copy.

Work Experience
A minimum of Five (5) years of relevant and progressively responsible experience in information security and/or incident response and threat management is required. The minimum years of relevant experience is reduced by two years for candidates who possess a first level University degree. Experience as a Security Operations Center (SOC) analyst and/or demonstrable knowledge in (SIEM) Security Information and Event Management products and technologies is desirable. Experience in Cyberthreat Intelligence, Incident Response and Threat Hunting is desirable. Experience in general-purpose scripting languages e.g. Python, Bash, PowerShell, etc. is desirable. 1 year or more of experience in data analytics or related area is desirable.