The United Nations Office at Nairobi (UNON) is the UN headquarters in Africa and the representative office of the Secretary-General. UNON supports the programme implementation of the UN Environment (UNEP) and the UN Human Settlements Programme (UN-HABITAT) globally, as well as other UN offices in Kenya, by providing administrative, conference and information services (www.unon.org). This position is located in the United Nations Office at Nairobi (UNON), Division of Administrative Service (DAS), Information and Communications Technology Service (ICTS). Under the general guidance of the Chief, UNON/ICTS and the direct supervision of the Information Security Officer, the incumbent will be responsible for the following duties:
Responsibilities
1. Network Security:
• Participate in planning, implementing, operating and maintaining security controls.
• Perform regular vulnerability assessments of production systems to identify weaknesses and determine the need for security updates and fixes.
• Draft documentation and reports.
• Implement information systems policies, strategies and activities of the Information and Communication Technology Services.
• Participate in analysis of IDS alerts and regular review of network equipment operating system and corresponding vendor security advisories.
• Ensure all network equipment is adequately monitored with appropriate alert escalation.
2. Incident Management:
• Manage security incidents involving slow moving or persistent threats across UNON and its’s client infrastructure.
• Coordinate escalations and collaborate with internal technology teams to ensure timely resolution of issues.
• Proactively search for and respond to security events and incidents from SIEM/SOC dashboards, Firewall (FW), Web Application Firewall (WAF), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Antivirus (AV), Network Access Control (NAC) and other client data sources.
3. Forensic Analysis:
• Perform threat and anomaly detection, analytics and hunting, digital forensics, within a team of information security professionals.
• Perform malware reverse engineering.
• Forensic analysis of events, images, packets and other digital evidence.
4. Monitoring:
• Develop and fine tune SIEM use cases and develop response process/procedure. Align SIEM/SOC use cases with business requirements using risk-based approach.
5.Technology Research:
• Carry out research and evaluation of hardware, software and communication products and assist in establishing and maintaining performance indicators.
• Participate in testing and evaluating new tools and technologies and making recommendations on the adaptation of such tools to the immediate supervisor.
• Draft end-user and/or technical documentation.
• Keep abreast of developments in information systems and technology in order to make recommendations to supervisors.
6. Perform any other relevant duties as required.
Competencies
1. Professionalism: Knowledge of information technology, including information security and computer system networks. Has knowledge of information technology security architecture across a variety of platforms, including: firewalls, intrusion prevention systems, SSL certificates, proxy and content filtering technologies, databases, and third party storage providers (“cloud services”). Has knowledge of tools and techniques used for threat and risk assessment and has understanding of current threat modeling and risk assessment techniques. Knowledge of hacking tools, and monitoring capabilities. Shows pride in work and in achievements; demonstrates professional competence and mastery of subject matter; is conscientious and efficient in meeting commitments, observing deadlines and achieving results; is motivated by professional rather than personal concerns; shows persistence when faced with difficult problems or challenges; remains calm in stressful situations. Commitment to implementing the goal of gender equality by ensuring the equal participation and full involvement of women and men in all aspects of work.
2. Teamwork: Works collaboratively with colleagues to achieve organizational goals; solicits input by genuinely valuing others’ ideas and expertise; is willing to learn from others; places team agenda before personal agenda; supports and acts in accordance with final group decision, even when such decisions may not entirely reflect own position; shares credit for team accomplishments and accepts joint responsibility for team shortcomings.
3. Commitment to Continuous Learning: Keeps abreast of new developments in own occupation/profession; actively seeks to develop oneself professionally and personally; contributes to the learning of colleagues and subordinates; shows willingness to learn from others; seeks feedback to learn and improve.
Education
High school diploma or completion of secondary school is required. Supplemental courses/technical certificate in information technology or other related field is required. Additional technical training or certification with emphasis on Intrusion Detection Systems and Network Security is required. Supplemental training to keep abreast of changes in information technology desirable. Passing the Global General Service Test (GGST) is an advantage for consideration in the General Services and related categories in the United Nations Secretariat. Applicants who have not passed the GGST at the time of application may be invited for the test after submitting an application.
Work Experience
A minimum of ten years of progressively responsible experience in the information technology or related field is required.
Experience in network security is required.
Experience in the following fields is highly desirable; conducting security incident response activities, reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs); knowledge and experience in threat hunting; excellent knowledge of enterprise LAN / WAN technologies, TCP/IP protocol stack, including routing, firewalling, proxies, WAF, IPS, and VPN concepts, excellent command of at least one general-purpose or shell scripting language (e.g. Ruby, Bash, PowerShell, Python, etc.); basic reverse engineering skills.
Languages
English and French are the working languages of the United Nations Secretariat. For the post advertised, fluency in oral and written English is required. Knowledge of another UN official language is an advantage.
Assessment
Evaluation of qualified candidates may include an assessment exercise which may be followed by competency-based interview.
Special Notice
Note: This is a temporary Job Opening. Appointment against this position is for a duration of 364 days, a limited duration and does not carry any expectancy, legal or otherwise, of renewal.
Staff members are subject to the authority of Secretary-General and to assignment by him or her. In this context, all staff are expected to move periodically to new functions in their careers in accordance with established rules and procedures. All applicants are strongly encouraged to apply online as soon as possible after the job opening has been posted and well before the deadline stated in the job opening. Online applications will be acknowledged where an email address has been provided. If you do not receive an e-mail acknowledgement within 24 hours of submission, your application may not have been received. In such cases, please resubmit the application, if necessary.
“Internal Applicants : When completing the form, ensure ALL fields, ALL professional experience and contact information are completed and up to date. This information is the basis for the hiring manager to assess your eligibility and suitability for the position and to contact you. “
The post Senior Information Systems Assistant at United Nations Office at Nairobi appeared first on Jobs in Kenya - http://jobwebkenya.com/.
The post Senior Information Systems Assistant at United Nations Office at Nairobi is republished from Jobs – Jobs in Kenya – http://jobwebkenya.com/
