Purpose of the Position:

The Cyber Security Identity and Access Management (IAM) Specialist will provide services to assist and support ICC and its client organizations in architecting, designing and implementing identity and access management solutions and guide the other operations team in managing the identity life cycle.

Objectives of the Programme:

The objectives of the Centre, as stated by its mandate, are to provide information and communication technology (ICT) services (including training) on an inter-organizational basis.

Main duties and responsibilities:

The incumbent will work under the direct supervision and guidance of the Chief Cyber Security Section within the Clients and Projects Division and in close collaboration with the Information Security Services Unit team. The incumbent could be requested to do any others tasks of similar level in related fields. The post holder will work on the following tasks:

• Develop, implement and monitor strategic, comprehensive enterprise IAM frameworks, guidelines and best practices with focus on ensuring that the integrity, confidentiality and availability of information is managed and controlled
• Lead the IAM projects and design activities to respond to complex requirements focused on cybersecurity
• Act as the single point of contact for IAM related expertise and architectural concerns
• Liaise with the applications team, IT operations team and cyber security team for developing, designing and implementing IAM solutions
• Work and troubleshoot complex IAM integration issues with identity repositories (LDAP, Active Directory, etc.)
• Design and Implementation of Role Based Access Controls, Multi-Factor authentication, Conditional access, MFA and adaptive IAM based on organization requirements using risk based approach
• Develop a reporting mechanism based on metrics to monitor progress, to measure efficiency and effectiveness of systems/framework, and to facilitate resource allocation
• Provide regular reporting on the current status of the information security systems/frameworks to senior management and business unit heads as part of a strategic enterprise risk management program
• Develop and oversee effective disaster recovery policies and standards to align with enterprise business continuity management program goals, focused for IAM service.
• Coordinate the development of implementation plans and procedures to ensure that business‐critical services are recovered in case of a security event. Provide direction, support and in‐house consulting in these areas
• Keep up to date with security issues and best practices related to risk management. Monitor emerging threats trends, and advise relevant stakeholders on the appropriate courses of action
• Perform other related duties and fulfill responsibilities as required

Experience and Skills required:

Essential:

• Five years experience in two or more of the following areas:
  • • Enterprise Identity and access management
    • Security assessment of web applications, network architecture, cloud hosting or IT services
    • Cloud based identity federation and integration with complex custom applications
    • IAM governance and risk management
    • IAM consulting engagements
• Strong understanding of the various Identity and Access Management platforms including OIM, Okta, Azure Identity Management, AWS IAM, etc
• Strong understanding with Federation Protocols (Oauth, SAML, OpenID), and Single Sign On (SSO) models
• Ability to understand technical and business aspects of IT risk, and to communicate those risks to management, business and technical units so that the organization can make informed decisions regarding appropriate levels of information security control
• Strong analytical and problem-solving skills
• Ability to act calmly and competently in high-pressure, high-stress situations
• Excellent written and verbal communication skills, interpersonal and collaborative skills

Desirable:

• Project management skills and ability to manage multiple projects under strict timelines
• Experience with security incident response and management process

Education:

Essential:

• Masters or advanced degree in information security, computer science or related field
• A Bachelor’s degree with two (2) extra years of relevant experience may be considered in lieu of the Master’s degree
• At least one professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or other similar credentials
• IAM certification from Microsoft, Oracle, Okta, Azure, AWS or Google

Desirable:

• Project Management qualification, such as PRINCE2
• Service management qualification, such as ITIL Practitioner

Languages:

• English: Intermediate knowledge is required
• French: Intermediate knowledge is desirable
• Spanish: Intermediate knowledge is desirable

ICC Global Competencies:

• Teamwork: Develops and promotes effective relationships with colleagues and team members. Deals constructively with conflicts.
• Communicating: Expresses oneself clearly in conversations and interactions with others; listens actively. Produces effective written communications. Ensures that information is shared.
• Respecting and promoting individual and cultural differences: Demonstrates the ability to work constructively with people of all backgrounds and orientations. Respects differences and ensures that all can contribute.
• Knowing and managing yourself: Manages ambiguity and pressure in a self-reflective way. Uses criticism as a development opportunity. Seeks opportunities for continuous learning and professional growth.
• Producing results: Produces and delivers quality results. Is action oriented and committed to achieving outcomes.
• Moving forward in a changing environment: Is open to and proposes new approaches and ideas. Adapts and responds positively to change.

Eligibility:

This vacancy notice is open only to internal candidates

Compensation:
Annual Salary Estimation (net of tax at single rate), including post adjustment (70,3% in August 2020): USD$ 103,818.

UNICC also offers generous leave and absence allowances, flexible working hours, overtime compensation, teleworking, access to training, and depending on eligibility other benefits such as relocation grant, dependency allowance, language allowance, or education grant.

Closing date for applications:
Applications will be accepted until midnight (Geneva Time) on 6 September 2020.

Notes:

• Technical and/or personality tests may be carried out as part of the selection process
• Only short-listed candidates will be contacted
• Though you may not be selected for this advertised position, the ICC will keep your application in a roster if your profile is deemed to be of potential interest for the Centre. You may thus be solicited by our HR department to participate in an interview for another position

Applications from women are particularly encouraged for this vacancy