COMPLETE OUTLINE
PRINCIPAL FUNCTIONS
Under the supervision of the Head, Confidentiality and Information Security Section within the Office of Confidentiality and Security, the post holder will provide information security services and advice to the Investigations and Identification Team whilst also contributing to the wider information security regime supporting the Technical Secretariat.
1. Ensure the end-to-end security, integrity and monitoring of information systems utilised by the Investigation and Identification Team (IIT)
a. Ensure that processes are in place and monitored for creation and importing of classified/sensitive information.
b. Monitor configured log sources for events indicating a compromise of integrity or confidentiality of classified/sensitive information.
c. Ensure that all transit of, and changes to, classified/sensitive information cannot be repudiated.
d. Ensure that all movement of classified/sensitive information is controlled and tracked.
e. Ensure that appropriate technical security controls are implemented in order to prevent unauthorised modification of classified/sensitive information.
f. Create security architectures to provide the security, integrity and monitoring of information systems.
g. Provide information security training to IIT personnel, to safeguard the confidentiality of IIT work at headquarters and in the field.
2. Ensure that appropriate access controls are applied for the protection of IIT information
a. Ensure that appropriate technical controls are in place to prevent unauthorised access to classified/sensitive information.
b. Help develop policies, standards and action plans relating to information technology security issues.
c. Regularly liaise with the other Information Security Officers to coordinate prospective changes to the networks used by the Secretariat and report potentially adverse impacts of such changes to the Head of Section.
d. Provide technical advice relating to ensuring disaster recovery and business continuity of critical situations/sites and functions.
3. Information security incident response and investigations of information security incidents impacting the IIT
a. Perform computer incident investigations including computer, network and log analysis.
b. Investigate all events or reports indicating that a compromise of integrity or confidentiality of classified/sensitive information has taken place.
c. Plan and conduct information security/confidentiality incident investigations and perform investigations under the direction of the Head, Office of Confidentiality and Security and the Director General of the OPCW.
d. Lead digital forensic and computer security investigations in OPCW, to include the following activities:
i. Performing malware and advanced persistent threat security investigations.
ii. Coordinating with national/international CERTs.
iii. Coordinate with national authorities in the event of confidentiality incidents and investigations.
iv. Communicate and report impact of security incidents and appropriate remedial measures to senior management.
v. Maintain custody for digital evidence gathered during investigations.
4. Provide support to the OCS overall Information Security programme for the Technical Secretariat, including monitoring, incident response, investigations, project support and advisory functions.
Perform other duties as required.
RECRUITING PROFILE
Education (Qualifications):
Essential: Advanced university degree in Information Security or information systems with specialisation in information security (or similar relevant subject). A first level university degree in combination with qualifying experience (minimum 7 years) may be accepted in lieu of an advanced university degree. Relevant specialised or technical training may be considered in lieu of a University degree with at least 11 years directly relevant experience.
Required Certification:
Essential:
CISSP or CCSP or CISM
Digital Forensic certifications such as SANS GIAC certifications on Forensics/Cyber Defense fields, or EnCase/other vendor-specific certificates
Network management certifications (vendor or non-vendor specific)
Desirable:
SANS certifications
CISSP concentration certifications (ISSAP or ISSMP or ISSEP)
EnCase advanced level certifications
Firewall management certifications
Experience:
Essential:
At least 5 years (or 7 years with a first degree or 11 years with specialised training) of progressively responsible experience in the area of information security;
Experience in incident monitoring and security investigations
Experience in the establishment, use and monitoring of Data Loss Prevention systems.
Experience in Security Information and Event Management (SIEM) and log management technologies.
Experience and knowledge of web application firewalls
Experience in creation or consultation of security architectures for large organisations.
Desirable:
Experience in the implementation and monitoring of automated data-labelling/classification systems.
Experience in intrusion prevention systems, vulnerability assessment and management solutions
Experience with “chain of custody” and implementation of technical measures for its assurance
Experience with creating availability focused information security policies for disaster recovery purposes
Experience in analysing security compliance in large scale organisations.
Skills and Abilities (key competencies):
Excellent knowledge of information security and networking technologies;
Excellent analytical and conceptualisation skills and an ability to plan and organise complicated processes;
Excellent inter-personal, interview and negotiation skills;
Excellent communication skills, with a demonstrated ability to present information clearly and logically both verbally and in writing;
Excellent reporting skills and a demonstrated ability to draft, edit and present documents/papers in the English language;
Strong computer skills;
Experience in security risk and compliance management solutions;
Ability to use own initiative for decision making;
Ability to act with discretion and tact in sensitive situations;
Ability to work well in a team with people of different national/cultural backgrounds.
Language Requirements: Fluency in English is essential and a good working knowledge of one of the other official languages (Arabic, Chinese, French, Russian, and Spanish) is desirable.