- Provide support to ITE in establishing information security and data protection department, lab and training center, and network/security operations center (NOC/SOC);
- Establish and maintain regular communication with the National CERT, line ministry, national security institutions and other relevant bodies, to ensure that all activities are compliant with the current legislation and best international practice;
- Provide support to ITE in drafting rulebooks and other documents related to the legal framework for information security;
- Assess needs for training of the ITE and government institutions’ (project beneficiaries) staff in information security governance and implementation of technical measures. Prepare training materials, execute knowledge transfer (including through cooperation with the private sector and relevant state institutions) and provide mentoring;
- Evaluate implementation of information security legislation/technical measures in comparable and the EU countries (e.g. vulnerability management, incident response, enterprise architecture security etc.), to gain practical knowledge and experience, prepare and execute study/official visits;
- Develop and provide inputs for TORs and other technical documents on the project, aligned with the regulatory framework for information security;
- Evaluate procurements against information security requirements set out in the regulatory framework and relevant procedures/guidelines of the IFIs;
- Monitor implementation of project activities and deliverables to ensure full compliance with the regulatory framework for information security;
- Report on the work performed in relation to regulatory compliance and any security breaches (in line with the reporting requirements of competent bodies);
- Coordinate the Technical Working Group on Data Protection and Information Security;
- Provide briefing materials and guidance for the project management committee around information security;
- Perform other project management duties in support to project preparation and implementation, as required by the PPID Project Manager.
- Expert assistance and advice provided in support of the project activities;
- Project documentation timely prepared, updated and maintained;
- Ensured alignment of project activities with the regulatory framework;
- Reports and work plans developed on time and in line with quality standards;
- Project activities and achievements captured and presented;
- Direction and guidance to project team and relevant stakeholders provided;
- Dialogue with relevant ministries, stakeholders and beneficiaries established and maintained.
- Good application of Results-Based Management;
- Good understanding and experience in project management;
- Good communication, coordination and facilitation skills;
- Consistently ensuring timeliness and quality of project work;
- Establishing lasting relationships and substantive dialogue with partners;
- Strong oral and written communication skills;
- Demonstrating cultural, gender, religion, race, nationality and age sensitivity and adaptability;
- Demonstrating integrity by modelling ethical standards.
- University degree in IT/ICT, engineering, management or similar fields; an advanced degree would be an asset.
- At least 5 years of professional experience in managing and/or consulting on information security;
- Experience in managing large-scale and standards-compliant information security projects for large enterprises (more than 250 employees) or government would be an asset.
- In depth knowledge of information security legislation, standards and methodologies;
- Possession of one or more of the following certificates would be an asset: Certified Information Systems Security Professional (CISSP); CompTIA Advanced Security Practitioner; Control Objectives for Information and Related Technologies; Certificate for Project Management; Certification for Evaluation of Information Security Measures (GPEN).
- Ability to function within a team, deliver when working under pressure and within changing circumstances;
- Strong writing/reporting and presentation skills;
- Strong interpersonal, networking and team building skills.
- Excellent knowledge of written and spoken Serbian and English.
Important applicant information
All posts in the SC categories are subject to local recruitment.
Applicant information about UNDP rosters
Note: UNDP reserves the right to select one or more candidates from this vacancy announcement. We may also retain applications and consider candidates applying to this post for other similar positions with UNDP at the same grade level and with similar job description, experience and educational requirements.
UNDP is committed to achieving diversity within its workforce, and encourages all qualified applicants, irrespective of gender, nationality, disabilities, sexual orientation, culture, religious and ethnic backgrounds to apply. All applications will be treated in the strictest confidence.
The United Nations does not charge any application, processing, training, interviewing, testing or other fee in connection with the application or recruitment process. Should you receive a solicitation for the payment of a fee, please disregard it. Furthermore, please note that emblems, logos, names and addresses are easily copied and reproduced. Therefore, you are advised to apply particular care when submitting personal information on the web.
Contract Duration: 6 months with possibility of extension