IT Security Infrastructure Engineer(P2)
JOB DETAIL
IMPORTANT NOTICE REGARDING APPLICATION DEADLINE: Please note that the closing date for submission of applications is indicated in local time as per the time zone of the applicant’s location.
Organizational Setting
The Division of Information Technology provides support to the IAEA in the field of information and communication technology (ICT), including information systems for technical programmes and management. It is responsible for planning, developing and implementing an ICT strategy, for setting and enforcing common ICT standards throughout the Secretariat and for managing central ICT services. The IAEA’s ICT infrastructure comprises hardware and software platforms, and cloud and externally-hosted services. The Division has implemented an IT service management model based on ITIL (IT Infrastructure Library) and Prince2 (Projects in a Controlled Environment) best practices.The Infrastructure Services Section (ISS) is responsible for implementing, maintaining, and administering the ICT systems and services for high availability; designing, implementing, and operating IT security services; and managing the data centre. The platforms include Microsoft Windows servers, Linux servers, Oracle EBS infrastructure, data storage, and transmission networks, serving more than 2500 staff, as well as over 10000 external users around the world. The Section includes three Units: Network and Telecommunications, Enterprise Systems, and Security Systems.
Main Purpose
The purpose of the post is to help the IAEA information and communication technology services define and create repeatable and consistent processes to strengthen IAEA information security. Under the supervision of the Security Systems Unit (SSU) Head, the IT Security Infrastructure Engineer will be responsible for the global network security threat prevention and detection controls and all applicable facets that make up a typical enterprise infrastructure IT security environment. He/she also participates in implementation and operational maintenance for various IT security technologies and will be expected to provide technical expertise for IT security projects, and technical investigations following possible security incidents.
Role
The IT Security Infrastructure Engineer is (a) a technical analyst supporting the design and formulation of security measures, procedures and standards on all aspects of IT security; (b) a solution provider, coordinating service delivery; (c) a team member actively involved in planning, implementing, testing and deployment of IT security systems; and (d) a security incident handler.
Functions / Key Results Expected
• Contribute as a key player to ensuring the confidentiality, integrity and availability of information systems and data through end-to-end IT security measures and by implementing appropriate technology and processes.
• Assure effectiveness and evolution of infrastructure security controls applied to virtual private networks, cloud environment, on prem data centres, web protocols, and custom applications.
• Assist in contentious improvements of the existing security infrastructure hardening to achieve high resilience and security.
• Maintain new features for the Network Intrusion Prevention/ Detection System (IPS/IDS), providing operational support
• Participate in IT projects on a daily basis to ensure they produce the required results. This includes in planning, implementing, and monitoring the projects, and creating project documentation.
• Identify security issues and risks related to new firewall rules and configurations. Collaboratively with IT and security peers develop mitigation plans.
• Provide substantive inputs and suggestions on all aspects related to the network security design, and testing of new Infrastructure security products, security infrastructure, security plans and services.
• Coordinate security appliances patching, IT security services delivery, installation, and maintenance working with external vendors and other UN agencies.
• Provide inputs on deficiency and effectiveness of infrastructure security control deployment and usage, recommend new and emerging security products and technologies.
• Assist in developing or improvements of the Standard Operating Procedures (SOPs), draft and maintain network diagrams, build books, and technical “cheat sheets”.
• Create and provide regular reports to the senior management pertaining to effectiveness of network security controls
Competencies and Expertise
Core Competencies(Competency Framework)
| Name | Definition |
|---|---|
| Communication | Communicates orally and in writing in a clear, concise and impartial manner. Takes time to listen to and understand the perspectives of others and proposes solutions. |
| Achieving Results | Takes initiative in defining realistic outputs and clarifying roles, responsibilities and expected results in the context of the Department/Division’s programme. Evaluates his/her results realistically, drawing conclusions from lessons learned. |
| Teamwork | Actively contributes to achieving team results. Supports team decisions. |
| Planning and Organizing | Plans and organizes his/her own work in support of achieving the team or Section’s priorities. Takes into account potential changes and proposes contingency plans. |
Functional Competencies
| Name | Definition |
|---|---|
| Client orientation | Establishes effective relationships with clients to understand and meet or exceed their needs. Finds ways to ensure client satisfaction. |
| Commitment to continuous process improvement | Identifies opportunities for process, system and structural improvement as well as improving current practices, increasing effectiveness and achieving efficiency gains. Actively supports the application of sound quality management standards and process improvement. |
| Technical/scientific credibility | Acquires and applies new skills to remain up to date in his/her area of expertise. Reliably applies knowledge of basic technical/scientific methods and concepts. |
Required Expertise
| Function | Name | Expertise Description |
|---|---|---|
| Information Technology | IT Security | Experience in implementation and maintenance of Infrastructure IT Security Systems; Next-Gen FW, IPS/IDS, Web URL filtering, Automated Network Forensics/ Anomalies Detection tools, DDoS protection. |
| Information Technology | Information Security and Risk Management | Expertise in managing infrastructure security hardening assessments, identifying risks, and remediations plans according to the best practices. |
| Information Technology | Technical Writing | Information Technology / Technical Writing Experience in creating technical documentation: network diagrams, data flow diagrams, technical operational procedures, build books, reports. |
Qualifications, Experience and Language skills
- University degree in Computer Science, IT Security or Information Security;
- Minimum of two years of professional experience in IT security Infrastructure threat prevention, detection or response systems in an IT enterprise environment.
- Knowledge of SNMP, Syslog, AAA, IP Super/sub netting, DHCP, NTP, QOS, and NetFlow as they relate to security enhancement and diagnostics Hand on experience in design, configuration, migrations, tuning, and customisation of network threat prevention controls.
- Experience in creating technical documentation, guides, and reports, as well as solid understanding of the incident management and change management processes.
- Excellent written and spoken level of English language and ability to convey complex technical IT infrastructure or IT security concepts to technical and non-technical audiences including executives.
- Internationally recognised IT security certification would be desirable.
- Excellent oral and written command of English. Knowledge of other official IAEA languages (Arabic, Chinese, French, Russian and Spanish) is an asset.
Remuneration
The IAEA offers an attractive remuneration package including a tax-free annual net base salary starting at US $50377 (subject to mandatory deductions for pension contributions and health insurance), a variable post adjustment which currently amounts to US $ 23325*, dependency benefits, rental subsidy, education grant, relocation and repatriation expenses; Other benefits include 6 weeks’ annual leave, home leave travel, pension plan and health insurance. More information on the conditions of employment can be found at: https://www.iaea.org/about/employment/professional-staff/conditions
General Information
- The IAEA’s paramount consideration in the recruitment of staff member is to secure employees of the highest standards of efficiency, technical competence and integrity.
- Staff Members shall be selected without any unfair treatment or arbitrary distinction based on a person’s race, sex, gender, sexual orientation, gender identity, gender expression, religion, nationality, ethnic origin, disability, age, language, social origin or other similar shared characteristic or trait.
- The IAEA is committed to gender equality and to promoting a diverse workforce. Applications from qualified women and candidates from developing countries are strongly encouraged.
- Applicants should be aware that IAEA staff members are international civil servants and may not accept instructions from any other authority. The IAEA is committed to applying the highest ethical standards in carrying out its mandate. As part of the United Nations common system, the IAEA subscribes to the following core ethical standards (or values): Integrity, Professionalism and Respect for diversity.
- The IAEA has a zero-tolerance policy on conduct that is incompatible with the aims and objectives of the United Nations and the IAEA, including sexual harassment, abuse of authority and discrimination.
Evaluation process
- The evaluation of applicants will be conducted on the basis of the information submitted in the application according to the selection criteria stated in the vacancy announcement. Applicants must provide complete and accurate information. Evaluation of qualified candidates may include an assessment exercise, which may be followed by a competency-based interview.
- Candidates under serious consideration for selection may be subject to reference and background checks as part of the recruitment process.
Appointment information
- Appointment is subject to a satisfactory medical report.
- Staff members may be assigned to any location.
- Candidates appointed to posts in the Professional and higher categories are subject to IAEA rotation policy and their maximum tour of service shall normally be seven years.
- The IAEA retains the discretion not to make any appointment to this vacancy, to make an appointment at a lower grade or with a different contract type, or to make an appointment with a modified job description or for shorter duration than indicated above.
