ย
IMPORTANT NOTICE REGARDING APPLICATION DEADLINE: please note that the deadline for applications is indicated in local time as per the time zone of the applicantโs location.
ย
1.ย ย ย Organizational Context
ย
a.ย ย ย Organizational Setting
The post is located in the Information Security Section, Security and Information Assurance Division (SIAD). This Division is responsible for the management of all aspects of WIPO's information and physical security and safety and ensures that appropriate policies and procedures are in place and effective measures and controls are established to assess and mitigate threats/risks to the Organization. In particular, the Division defines the controls for the implementation of information security technologies and monitors if adequate assurance is maintained over WIPO's information assets.ย The Division also provides professional safety and security services for WIPO staff, its delegates and visitors and ensures the protection of the Organization's facilities and assets. Appropriate balance of the roles between \"service\" and \"control\" is the key for its success in enabling and sustaining WIPO's operations in an environment with increasing demands for openness and connectivity on the one hand and rapidly evolving information security risks on the other hand.
ย
b.ย ย ย Purpose Statement
The incumbent will be the principal technical authority on information security architecture within WIPO. They will be responsible for ensuring that the design of business solutions meet secure architecture principles and standards, as well as for the continuous development of defensible architecture principles and patterns that align with WIPO's information security risk tolerances, ensuring they are resilient against an evolving threat environment. The Senior Information Security Architect is expected to advise and influence business and technology decisions on the development and procurement of ICT services and products. The role will represent information security at Enterprise Architecture committees. The Senior Information Security Architect is a strategic leader responsible for shaping and safeguarding WIPOโs information assets. This role ensures that security architecture principles are embedded in all business solutions, enabling WIPO to operate securely in a rapidly evolving digital landscape.
ย
c.ย ย ย ย Reporting Lines
The incumbent works under the supervision of the Head of Information Security Section.
ย
d.ย ย ย Work Relations
The incumbent works closely with different areas of the Patent and Technology Sector, The Architectural Solutions Group (ASG). as well as with other WIPO Sectors, officials from IP Offices, and other internal and external stakeholders.
ย
ย
2.ย ย ย ย Duties and Responsibilities
ย
The incumbent will perform the following principal duties:
ย
a.ย ย Lead the development and continuous refinement of WIPO's strategic security architecture vision, ensuring alignment with Information Assurance and ICT strategies. Contribute to the development and maintenance of WIPO's Information Assurance strategy.
ย
b.ย ย Collaborate with information risk, enterprise architecture, security engineering, Architectural Solutions Group, and application teams to define and apply business relevant and risk-based security architecture standards.
ย
c.ย ย Collaborate proactively with assurance and risk teams to support and strengthen the wider controls environment, ensuring that security architecture aligns with organizational risk management and assurance frameworks.
ย
d.ย ย Define, publish and maintain the information security elements of WIPO's enterprise architecture blueprint in close coordination with WIPO's enterprise architect and business ICT teams, integrating security architecture principles into system development and engineering processes.
ย
e.ย ย Ensure that WIPO's security reference architectures and patterns are current, standards-based, relevant, and adaptable to evolving business needs. Areas include:ย ย ย identity and access management, service-oriented architectures, security auditing and logging, monitoring and reporting architectures, network segmentation, security policy detection and policy enforcement controls, remote access architectures, endpoint strategies, federation, application security architectures, mobility, and cloud security architectures.
ย
f.ย ย ย Review business and technology services and product architectures, identify design gaps, and recommend security enhancements.
ย
g.ย ย Represent information security in the WIPO Architectural Solutions Group ensuring applications are designed withย ย threat models, attacks paths and security standards in mind.
ย
h.ย ย Manage a continuous architectural compliance program measuring and reporting compliance and effectiveness to governance committees.
ย
i.ย ย ย Develop and implement an awareness program to promote information security architecture principles and their application among business and ICT stakeholders. Identify and mentor champions for secure architectures practices.
ย
j.ย ย ย Perform other related tasks as required.
ย