UNICC is committed to achieving diversity and inclusion within its workforce, providing an environment that reflects the values enshrined in the Charter of the United Nations and encourages all qualified applicants, irrespective of gender, nationality, disabilities, sexual orientation, culture, religious and ethnic backgrounds to apply. UNICC is dedicated to the SDGs, making SDG-5 (Gender Equality) and SDG-10 (Reduce Inequalities) the organization goals.

https://www.un.org/sustainabledevelopment/sustainable-development-goals/

The objective of the Centre is to provide trusted ICT services and digital business solutions to its Clients and Partner Organizations.

Background information:

The purpose of this engagement is to provide UNICC with a highly skilled Secure Code Repository Consultant. This individual will be instrumental in reinforcing UNICC capacity and capabilities in developing, implementing, and managing Secure Code Repository solutions for various UNICC clients.

The Secure Code Repository Engineer is expected to possess a high level of technical expertise and experience in managing and securing code repositories. This role is designed for a professional with a substantial background in software development, repository management, and security. The ideal candidate will demonstrate strong knowledge of CI/CD pipelines, integrations, authentication and authorization mechanisms, security scanning tools, and SDLC best practices.

Main duties and responsibilities:

The incumbent will work under the direct supervision of the Digital Solutions Strategy Lead Officer, within the Digital Delivery Division (DD), and will be in collaboration with other relevant teams across UNICC. The incumbent will undertake the following duties and deliverables:

• Under the supervision of the Digital Solutions Strategy Lead Officer, develop and implement secure code repository management solutions for projects
• Collaborate with internal teams and external stakeholders to identify and analyze repository management needs
• Following the division’s best practices, design and develop secure, scalable, and efficient repository architectures
• Provide guidance on secure code repository management, trends, and best practices
• In collaboration with the relevant teams, ensure compliance with organizational standards related to code repository management
• Under the supervision of the Digital Solutions Strategy Lead Officer, collaborate in the management of the entire lifecycle of code repositories, from configuration to maintenance and monitoring
• Collaborate in the preparation and execution of training sessions and workshops for internal staff on secure code repository management

Experience and Skills required:

Essential:

• At least three (3) years of experience in IT, including proven experience in the management of secure code repositories
• Expertise in version control systems such as Git, GitHub, GitLab, or Bitbucket: Profound understanding of repository management principles, including branching strategies, merge protocols, and access controls
• CI/CD Pipeline Design and Integration: Experience in designing, implementing, and maintaining CI/CD pipelines using various tools and in integrating security tools (e.g., SAST, DAST, dependency checkers) into CI/CD pipelines
• Authentication and Authorization: Proficiency in implementing and managing authentication and authorization mechanisms for code repositories
• Security Scanning and Monitoring: Strong understanding of security scanning tools to detect vulnerabilities in code with the ability to monitor repositories for security incidents and respond promptly to detected threats
• Programming and Scripting Skills: Proficiency in scripting languages such as Python, Bash, Go, or similar for automation tasks
• System Architecture Design: Ability to design scalable and secure repository management Understanding of how to integrate repository management solutions with existing IT infrastructure

Desirable:

• Incident Response and Management: Ability to lead responses to security incidents related to code repositories and experience in conducting post-incident reviews and implementing improvements to prevent future occurrences
• Project Management: Experience in managing the lifecycle of technology projects, from conception through deployment and maintenance, including requirement gathering, documentation, and stakeholder management
• Regulatory Compliance: Familiarity with IT standards, policies, and procedures, especially those relevant to security code repositories management

Education:

Essential:

• First university degree in Computer Science or related field

Desirable:

• Certified Secure Software Lifecycle Professional (CSSLP)
• Certified Information Systems Security Professional (CISSP)

Languages:

• English: expert level is required

UNICC Global Competencies:

• Teamwork: Develops and promotes effective relationships with colleagues and team Deals constructively with conflicts.
• Communicating: Expresses oneself clearly in conversations and interactions with others listens actively. Produces effective written communications. Ensures that information is
• Respecting and promoting individual and cultural differences: Demonstrates the ability to work constructively with people of all backgrounds and orientations. Respects differences and ensure that all can
• Knowing and managing yourself: Manages ambiguity and pressure in a self- reflective way. Uses criticism as a development opportunity. Seeks opportunities for continuous learning and professional growth.
• Producing results: Produces and delivers quality results. Is action oriented and committed to achieving
• Moving forward in a changing environment: Is open to and proposes new approaches and ideas. Adapts and responds positively to change.

Compensation:

Fee will be based either on the National Officer salary scales or the Individual Consultancy band levels (for Headquarters) 

• National Officer Salary Scale
• For headquarters, Individual Consultancy band levels will be used

Closing date for applications:

Applications will be accepted until midnight (Geneva Time) on 13 August 2024.

Notes:

• Technical and/or personality tests may be carried out as part of the selection process
• Only short-listed candidates will be contacted
• Though you may not be selected for this advertised position, the UNICC will keep your application in a roster if your profile is deemed to be of potential interest for the Centre. You may thus be solicited by our HR department to participate in an interview for another position

The UNICC workforce consists of many diverse nationalities, cultures, languages, and opinions. UNICC seeks to sustain and strengthen this diversity by ensuring equal opportunity and an inclusive working environment for its entire workforce. Applications are encouraged from all qualified candidates without distinction on grounds of race, ethnicity, sex, national origin, age, religion, disability, sexual orientation and gender identity.

For applications to be valid, they must contain a motivation letter and the filled Personal History Form.