Associate Cybersecurity Cloud and IAM Engineer

The UNICC workforce consists of many diverse nationalities, cultures, languages, and opinions. UNICC seeks to sustain and strengthen this diversity by ensuring equal opportunity and an inclusive working environment for its entire workforce. Applications are encouraged from all qualified candidates without distinction on grounds of race, ethnicity, sex, national origin, age, religion, disability, sexual orientation and gender identity.

Purpose of the Position:

The Associate Cybersecurity Cloud and Identity and Access Management (IAM) Engineer will provide services to assist and support UNICC and its client organizations in architecting, designing and implementing identity and access management solutions and cloud services.

The incumbent will provide services to client organizations either independently or as a team leader, depending on size and complexity of client organization and related needs. The post holder will also be responsible for managing consultants providing similar services to UNICC and its client organization.

Objectives of the Programme:

The objective of the Centre as stated by its mandate, are to provide information and communication technology (ICT) services (including training) on an inter-organizational basis.

Main duties and responsibilities

The incumbent will work under the direct supervision and guidance of the Head, Cybersecurity Architecture and IAM unit within the Cybersecurity Services Division and in close collaboration with other units in the division. The incumbent could be requested to do any other tasks of similar level in related fields. The post holder will work on the following tasks:

• Participate in the development, implementation and monitoring of enterprise IAM frameworks, guidelines and best practices with focus on ensuring that the integrity, confidentiality and availability of information is managed and controlled
• Under close guidance, manage IAM projects and design activities to respond to requirements focused on cybersecurity
• Contribute to the design and implementation of secure cloud architectures for public, private, and hybrid Cloud based systems within Amazon Web Services (AWS), Microsoft Azure, or other cloud providers
• Ensure adequate Design Network controls, Anti-Distributed Denial of Service (Anti-DDoS), Web Application Firewall (WAF) and API Gateways
• Under guidance, outline service oriented architecture (SOA) and microservices
• Work and troubleshoot IAM integration issues with identity repositories (LDAP, Active Directory, etc.)
• Propose the design and ensure Implementation of Role Based Access Controls, Multi-Factor authentication, Conditional access, MFA and adaptive IAM based on organization requirements using risk based approach
• Under guidance and in collaboration with the IAM Unit, propose the development of a reporting mechanism based on metrics to monitor progress, to measure efficiency and effectiveness of systems/framework, and to facilitate resource allocation
• Provide regular reporting on the current status of the information security systems/frameworks
• Keep up to date with security issues and best practices related to risk management
• Perform other related duties and fulfil responsibilities as required

Recruitment Profile

Experience and Skills required:

Essential:

• Two years experience in two or more of the following areas:
  • Enterprise Identity and access management
  • Security assessments of cloud services hosted on Azure and AWS
  • Security assessment of web applications, network architecture, cloud hosting or IT services
  • Designing, assessing and implementing secured cloud based and on-premise solutions
  • Cloud based identity federation and integration with complex custom applications
• Good understanding of the various Identity and Access Management platforms including OIM, Okta, Azure Identity Management, AWS IAM, etc
• Strong understanding with Federation Protocols (Oauth, SAML, OpenID), and Single Sign On (SSO) models
• Ability to understand technical and business aspects of IT risk, and to communicate those risks to management, business and technical units so that the organization can make informed decisions regarding appropriate levels of information security control

Desirable:

• Project management skills and ability to manage multiple projects under strict timelines
• Experiencec with security incident response and management process

Education:

Essential:

• A Bachelor’s degree in IT or relevant area
• At least one professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or other similar credentials

Desirable:

• Project Management qualification, such as PRINCE2
• Service management qualification, such as ITIL Practitioner
• IAM certification from Microsoft, Oracle, Okta, Azure, AWS or Google
• Any cloud security certification like CCSP, Azure Security Engineer Associate, AWS Certified Security – Speciality, GCP Security Engineer

Languages:

• English: Intermediate knowledge is desirable
• French: Intermediate knowledge is desirable
• Spanish: Intermediate knowledge is desirable

UNICC Global Competencies:

• Teamwork: Develops and promotes effective relationships with colleagues and team members. Deals constructively with conflicts.
• Communicating: Expresses oneself clearly in conversations and interactions with others; listens actively. Produces effective written communications. Ensures that information is shared.
• Respecting and promoting individual and cultural differences: Demonstrates the ability to work constructively with people of all backgrounds and orientations. Respects differences and ensures that all can contribute.
• Knowing and managing yourself: Manages ambiguity and pressure in a self-reflective way. Uses criticism as a development opportunity. Seeks opportunities for continuous learning and professional growth.
• Moving forward in a changing environment: Is open to and proposes new approaches and ideas. Adapts and responds positively to change.

Other Information

Compensation:

Annual Salary Estimation (net of tax at single rate):

• New York, (USA), including post adjustment (73,8% on December 2022): US$ 85,603.

UNICC also offers generous leave and absence allowances, flexible working hours, overtime compensation, teleworking, access to training, and depending on eligibility other benefits such as relocation grant, dependency allowance, language allowance, or education grant.

Closing date for applications:

Applications will be accepted until midnight (Geneva Time) on 22 December 2022.

Notes:

• Technical and/or personality tests may be carried out as part of the selection process
• Only short-listed candidates will be contacted
• Though you may not be selected for this advertised position, the UNICC will keep your application in a roster if your profile is deemed to be of potential interest for the Centre. You may thus be solicited by our HR department to participate in an interview for another position

* For UNICC staff members who do not meet the minimum educational qualifications, please refer to the applicable WHO e-Manual Annex 6 – Guidelines on Standard Minimum Experience Exposure and Education Requirements

The UNICC workforce consists of many diverse nationalities, cultures, languages, and opinions. UNICC seeks to sustain and strengthen this diversity by ensuring equal opportunity and an inclusive working environment for its entire workforce. Applications are encouraged from all qualified candidates without distinction on grounds of race, ethnicity, sex, national origin, age, religion, disability, sexual orientation and gender identity.