Cybersecurity Consultant
vor 6 Monaten
**Background information**
The High Level Committee on Management (HLCM) of the UN formally adopted the Principles on Personal Data Protection and Privacy at its 36th Meeting on 11 October 2018.
These principles set out a basic framework for processing “personal data”, defined as information relating to an identified or identifiable natural person, by or on behalf of the United Nations System Organizations in carrying out their mandated activities.
UNICC has developed and established a supporting framework to support UN Partners in implementing Privacy Framework or Management System.
UNICC is currently looking for a Data Protection and Privacy Specialist. The Specialist will work on internal Privacy framework implementation as well as providing data protection related services to UNICC Partners.
The position will be responsible for consulting on privacy matters, development, implementation, maintenance and execution of policy and procedural documentation in support of UNICC or UNICC Partners’ Privacy Programmes. This person will also coordinate with multiple business areas including GRC, Finance, Legal, HR, IT Operations, etc. to ensure privacy requirements are effectively implemented and monitored for effectiveness.
**Main duties and responsibilities**:
The incumbent will work under the supervision of the Head, Cybersecurity Governance Unit (CSG) and will be provided guidance by the Cybersecurity Officer (Data Protection And Privacy), conducting the following duties and deliverables:
- Assist in the development and collaborate with the CSG unit in overseeing comprehensive privacy and cybersecurity programmes, ensuring alignment with ISO 27001 and ISO 27701 standards
- Perform monitoring on regulatory developments concerning privacy, data protection and artificial intelligence
- Draft, update, and enforce privacy and information security policies and procedures
- Provide advisory to the organization in establishing and maintaining compliance with international data protection frameworks such as ISO 27701 requirements
- Conduct regular privacy and cybersecurity risk assessments, focusing on data protection
- Implement privacy-enhancing and cybersecurity technologies, ensuring privacy by design and default in all IT projects
- Propose the development and conduct training programmes on data protection
- Establish and manage processes for responding to privacy and cybersecurity incidents, including breach detection, reporting, and response
- Maintain effective communication with internal and external stakeholders about privacy and data protection matters, reporting the status and effectiveness of the programmes to management
- Collaborate with other cybersecurity teams to integrate cybersecurity strategies with privacy practices
- Advise the CSG unit and other relevant teams on the necessary efforts to achieve and maintain ISO 27701 certification, and ensure the secure processing of personal and sensitive data
- Stay updated on global privacy laws, cybersecurity standards, and technological advancements, advising the organization on strategic implementations
Recruitment Profile
**Experience and Skills required**:
**Essential**:
- At least three (3) years of demonstrated experience in Cybersecurity, Governance, Risk, Compliance (GRC) and Privacy/Data Protection domains
- Strong knowledge of privacy and data protection laws and/or frameworks such as GDPR, EU ePrivacy directive, CCPA, HIPAA etc.
- Track record in establishing Information Security Management System (ISMS) based on ISO 27001:2013
- Proven experience with the implementation of Privacy Information Management Systems (PIMS) such as ISO 27701:2018
- Proven experience conducting privacy reviews, control assessments and privacy impact assessments
- Strong knowledge in privacy engineering techniques including privacy by design and default techniques
- Ability to effectively write documentation & reports for diverse audience
- Willingness to learn on the job
- Ability to manage and resolute conflicts
**Desirable**:
- Prior work experience in the UN system, or as a service provider to UN agencies
- Project management skills
- Ability to monitor and summarize regulatory developments in privacy, data protection and artificial intelligence
**Education**:
**Essential**:
- First university degree in Computer Science, Information Systems, Mathematics, Statistics or related field; or first university degree in Law
- Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Cloud Security Professional (CCSP), ISO 27001 or 27701 lead implementer/auditor, IAPP Certified Information Privacy Manager or any related/similar certification. Privacy certifications (such as CDPSE/CIPP/CIPM/CIPT or similar) strongly preferred
**Desirable**:
- For Cybersecurity profiles, specialization courses or degree in Law; for legal profiles, specialization in t
-
Child Participation and Engagement Consultant
vor 2 Wochen
Home Office, Schweiz International Telecommunication Union (ITU) VollzeitINTERNATIONAL TELECOMMUNICATION UNION - ITU is the leading United Nations agency for information and communication technologies, with the mission to connect the world. To achieve this, ITU manages the radio-frequency spectrum and satellite orbits at the international level, works to improve communication infrastructure in the developing world, and...