CONSULTANCY - TERMS OF REFERENCE
UNRWA is a United Nations agency established by the General Assembly in 1949 and is mandated to provide assistance and protection to a population of some 5 million registered Palestine refugees. Its mission is to help Palestine refugees in Jordan, Lebanon, Syria, West Bank and the Gaza Strip to achieve their full potential in human development, pending a just solution to their plight. UNRWA’s services encompass education, health care, relief and social services, camp infrastructure and improvement, microfinance and emergency assistance. UNRWA is the largest UN operation in the Middle East with more than 30,000 staff. UNRWA is funded almost entirely by voluntary contributions.**
Consultant – Information Security Specialist, (Local)
UNRWA has signed a Memorandum of Understanding (MoU) with United Nations International Computing Center (UNICC) that aims to enhance livelihood and human development opportunities to Palestine refugees in Gaza. By this new collaboration, UNRWA becomes a provider of Information Management, Technology services and capacity augmentation to UNICC technical team, on a cost recovery basis through IMTD/IT Service Center (ITSC) in HQ-Gaza.
United Nations International Computing Center (UNICC) is a UN agency that provides IT services to other UN agencies on a cost recovery basis.
UNRWA Information Management and Technology Department (IMTD) is seeking an Information Security Specialist to work on UNICC consultancy services. The post holder will perform information security assessments on ICC and partner infrastructure, comparing them to industry best practices like CIS Benchmarks, NIST guidelines.
The consultant will report administratively to Head Information Technology Service Centre at Headquarter Gaza and technically to United Nations International Computing Center (UNICC).
Description of Duties and Responsibilities
The consultant will work under the direct supervision and guidance of the SOC Manager within the CP Division and in close collaboration with the Information Security Services Unit team. The incumbent could be requested to do any other tasks of similar level in related fields, besides the following:
· Install, maintain and troubleshoot the SIEM infrastructure including optimization of logs ingestion, regular maintenance and access controls management;
· Support the technical onboarding of new clients on the SIEM, including but not limited to initial assessment and quarterly improvement review process;
· Review security events that are populated in a Security Information and Event Management (SIEM) system;
· Monitor and investigate a variety of network and host-based security appliance logs preconfigured on SOC dashboards (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident;
· Run vulnerability scans and reviews vulnerability assessment reports;
· Manage and configure security monitoring tools;
· Manage McAfee EPO solution;
· Manage EDR Solutions.
minimum Qualifications and Experience
● A university degree from an accredited educational institution in Computer Science, Information Technology, or related discipline;
● A minimum of 5 years of relevant experience in administration on all or part of the following area:
o EDR Solutions (e.g. Windows Defender ATP, Crowdstrike or RedCloak).
o SIEM management solutions (e.g. Splunk, ELK)
o Operating Systems administration (Windows 7/8/10 – Server 2008-12)
o Experience in using scripting languages to automate tasks and manipulate data.
o Administration of perimeter network infrastructure (Firewalls, Routers)
o Excellent understanding of Cyber Security Operations
● Any of the following certifications: CCNA, CCNP, CISSP, CEH, CSTA, CSTP, GCFE, OSCP/E, CPP, GCIH, GCIA, CCSP, CISA.
● Fluency in spoken and written English.
· Teamwork: Develops and promotes effective relationships with colleagues and team members. Deals constructively with conflicts;
· Communication: Expresses oneself clearly in conversations and interactions with others; listens actively; Produces effective written communications; Ensures that information is shared;
· Respecting and promoting individual and cultural differences: Demonstrate the ability to work constructively with people of all backgrounds and orientations; Respects differences and ensures that all can contribute;
· Producing results: Produces and delivers quality results; Is action oriented and committed to achieving outcomes;
· Moving forward in a changing environment: Is open to and proposes new approaches and ideas; Adapts and responds positively to change;
· Manages ambiguity and pressure in a self-reflective way. Uses criticism as a development opportunity; Seeks opportunities for continuous learning and professional growth.
● Understanding of Networking and Security
● Experience in Security Incident Response activities and Security Incident Report
● Experience in Linux Administration
● Experience with management of EDR solutions
● Intermediate knowledge of Spanish.
CONDITIONS OF SERVICE
· The duration of the consultancy is 6 to 11 months, extendable according to performance and availability of funds.
· Remuneration for this consultancy will depend on the qualifications and relevant experience as follows:
o Cluster A: $1,600.
o Cluster B: $1,800.
· The incumbent can be in any of UNRWA fields of operations (Gaza, Jordan, Lebanon, Syria, or West Bank).
· May be required to work in a 24×7 Security Operation Centre (SOC) environment
Applicants should submit a cover letter and CV or UN Personal History Form demonstrating clearly the knowledge and experience required to meet the consultancy requirements via firstname.lastname@example.org indicating the title of this consultancy “**Information Security Specialist**” in the subject line of the message and field (area)/country of the candidate. The deadline for the submission of applications is 31 January 2021**.**
UNRWA is an equal opportunity employer and welcomes applications from both women and men. UNRWA encourages applications from qualified women. Only those applicants shortlisted for interview will be contacted. UNRWA is a non-smoking environment.