.

WFP celebrates and embraces diversity. It is committed to the principle of equal employment opportunity for all its employees and encourages qualified candidates to apply irrespective of race, colour, national origin, ethnic or social background, genetic information, gender, gender identity and/or expression, sexual orientation, religion or belief, HIV status or disability.

Are you a seasoned Information Security Officer interested in further developing your professional experience while contributing to ending global hunger? Are you passionate about helping those in need? Would you like to join an international organisation investing in its people?

If so, an exciting & fulfilling career awaits you! Join our diverse and passionate team that works on varied and international projects directly contributing to saving & changing millions of lives around the globe.

DEADLINE FOR APPLICATIONS

Applications must be submitted by Sunday, July 16, 2023 (17:59 EDT).

WHO WE ARE

The United Nations World Food Programme (WFP), a highly prestigious, reputable & world’s largest humanitarian organization, operating in more than 120 countries and territories, bringing life-saving assistance in emergencies, building pathways to peace, stability and prosperity for people recovering from conflict, disasters and the impact of climate change and supporting sustainable and resilient livelihoods for a world with zero hunger.

At WFP, people are at the heart of everything we do and the vision of the future WFP workforce is one of diverse, committed, skilled, and high performing teams, selected on merit, operating in a healthy and inclusive work environment, living WFP’s values (Integrity, Collaboration, Commitment, Humanity, and Inclusion) and working with partners to save and change the lives of those WFP serves.

To learn more about WFP, visit our website: UN World Food Programme (WFP) and follow us on social media to keep up with our latest news: YouTube, LinkedIn, Instagram, Facebook, Twitter.

WHY JOIN US?

• WFP is a 2020 Nobel Peace Prize Laureate
• WFP offers a highly inclusive, diverse and multicultural working environment
• WFP invests in the personal & professional development of its employees through a range of trainings, accreditation, coaching, mentorship and other programs as well as through internal mobility opportunities
• A career path in WFP provides an exciting opportunity to work across various country, regional and global offices around the world, and with passionate colleagues who work tirelessly to ensure that effective humanitarian assistance reaches millions of people across the globe
• We offer an attractive compensation package (please refer to the Terms and Conditions section)

ORGANIZATIONAL CONTEXT

The information security landscape is changing and information security has become a high priority for WFP.

With an extensive network of offices worldwide and a decentralised decision-making structure, WFP wants to create an environment of proactive IT operations processes to reduce risk exposure, detect and respond to advanced threats, ensure continuous compliance and drive down security operations costs.

Within this context, we are seeking an experienced, energetic and engaging Chief Information Security Officer (CISO) at the P5 level, based at our Headquarters in Rome, Italy who wants to become part of an exciting, vibrant community of information technology professionals supporting WFP’s mission to fight hunger.

The CISO will report to the CIO and Director Information Technology or his/her delegate and will become an advocate for WFP’s information security needs. You will be responsible for the development and delivery of a global information security strategy to optimize the security posture of the Organisation.

As Chief Information Security Officer, you will have the opportunity to establish the strategic direction of information security across our global Organization by developing and implementing a comprehensive security and risk management framework and maintaining and enhancing standards and practices to manage the confidentiality, integrity and availability of assets and data.

The complexity of this position requires a leadership approach that is engaging and collaborative, with a sophisticated ability to work with other leaders to set the best balance between security strategies and other priorities at the Organisational level.

KEY ACCOUNTABILITIES (not all-inclusive)

1. Serve as an expert advisor to executive leadership in the development, implementation, and maintenance of a strong information security program and infrastructure, including network access and monitoring policies;
2. Direct the strategy and operations for the protection of the Organization’s information and data assets;
3. Oversee the implementation of initiatives to continuously improve the cybersecurity posture of the organisation, in line with Zero Trust principles;
4. Collaborate with the business and technology leaders in the Organization to identify current and/or potential security risks and develop, implement, drive and optimize security solutions, methodologies and/or practices;
5. Oversee the development, implementation, and maintenance of the global security policy, enterprise security standards, guidelines and procedures, develop emergency procedures and incident response protocols, act as the control point during significant privacy and security incidents;
6. Collaborate with Organizational legal, compliance, DPO, risk management and oversight functions, to conduct reviews/audits, recommend policies and procedures, monitor status, and report violations to appropriate management;
7. Develop and implement information security initiatives, conduct and oversee the monitoring and auditing of compliance with regulatory and internal standards;
8. Develop, integrate, implement, and maintain the security roadmap and budgets in order to manage cybersecurity investments in management plans;
9. Establish policies, practices, awareness programmes and training to create a culture that prioritizes information privacy and security

QUALIFICATIONS AND KEY REQUIREMENTS

Education:

You have:

• Master’s degree or equivalent in Computer Sciences, Information Security, Information Technology, Engineering, or a related field. Or a Bachelor’s degree in combination with additional years of related work experience or trainings/courses.

Experience:

• At least eleven (11) years of relevant progressively responsible experience in information security.
• Understanding of network security technology, including strategy, design, and architecture.
• A Certified Information System Security Professional (CISSP) or equivalent certification from a recognized professional organization such as issued by the International Informational Systems Security Certification Consortium (ISC)2, Global Assurance Certification (GIAC) or Information Systems Audit and Control Association (ISACA) in Information Security required.
• Detailed knowledge related to code of practice for information security management like ITIL, COBIT, NIST and ISO 27001, ISO 27035 or other information security standards.
• Broad knowledge related to the creation of IT risk management processes and security and fraud prevention frameworks.
• Comprehensive skills in analysing the protection needs (i.e., security controls) for corporate information systems and networks, including security design, methods and techniques.
• Experience in assessing the robustness of systems and solutions, including conducting vulnerability scans and performing system security health checks, recognizing vulnerabilities and recommending opportunities for improvement.
• Experience in managing information security incidents and emotional maturity to understand the impact and sensitivity of IT security incidents.
• Knowledge of data protection and confidentiality management from private and/or public environments Familiarity with investigations and computer forensics.
• CISA CISM, CRISC, CGEIT certification will be considered a plus.
• Background in at least two of the following domains: Application security; security products and technologies; security engineering, networking protocols and data center; security analysis and investigations; risk assessment and management.

Language:

You have:

• Fluency (level C) in the English language
• Intermediate knowledge (level B) of a second official UN language: Arabic, Chinese, French, Russian, Spanish, and/or WFP’s working language, Portuguese.

MORE ABOUT YOU

You have:

• Strong written and verbal communication and presentation skills, to interact effectively with all levels of management, customers, IS staff, and vendors.
• Experience in planning (i.e., process improvement, desired application functionality, organizational structures and planning, etc.).
• Considerable knowledge of and experience in managing operations and staffing needs with the ability to prioritize multiple projects.
• Considerable knowledge of multiple technologies and experience with enterprise-wide applications and systems in an integrated work environment.
• Ability to work with and lead teams effectively.
• Comfortable operating in a collaborative, shared leadership environment.
• A personal presence that is characterised by a sense of honesty, integrity, and caring with the ability to inspire and motivate others to promote the mission, vision, goals, and values of the organization.

WFP LEADERSHIP FRAMEWORK

These are the common standards of behaviour that guide HOW we work together to accomplish our mission.

Different expectations of behaviour are defined depending on your grade and role/responsibilities within WFP.

TERMS AND CONDITIONS

Mobility is and continues to be a core contractual requirement in WFP. This position is however classified as “non-rotational” which means the incumbent shall not be subject to the regular reassignment process unless the position is reclassified as rotational.

The selected candidate will be based in Rome, Italy and employed on a fixed-term contract with a probationary period of one year. He/she will be required to travel abroad sometime to remote and difficult locations.

WFP offers an attractive compensation and benefits package, including basic salary, post adjustment, relocation entitlement, travel and shipment allowances, 30 days’ annual leave, home leave, an education grant for dependent children, pension plan and medical insurance. For more details please visit icsc.un.org

REMINDERS BEFORE YOU SUBMIT YOUR APPLICATION

• We strongly recommend that your profile is accurate, complete and includes your employment records, academic qualifications, language skills and UN Grade (if applicable)
• Once your profile is completed, please apply, and submit your application
• Please make sure you upload your professional CV in the English language
• Kindly note the only documents you will need to submit at this time are your CV and Cover Letter
• Additional documents such as passport, recommendation letters, academic certificates, etc. may potentially be requested at a future time
• Please contact us at wfprecruitment@wfp.org in case you face any challenges with submitting your application
• Only shortlisted candidates will be notified

.

WFP has a zero-tolerance approach to conduct such as fraud, sexual exploitation and abuse, sexual harassment, abuse of authority and discrimination. All selected candidates will be expected to adhere to WFP’s standards of conduct and will therefore undergo rigorous background verification internally or through third parties. Selected candidates will also be required to provide additional information as part of the verification exercise. Misrepresentation of information provided during the recruitment process may lead to disqualification or termination of employment

WFP will not request payment at any stage of the recruitment process including at the offer stage. Any requests for payment should be refused and reported to local law enforcement authorities for appropriate action.