The Division of Information Technology (MTIT) is a high performing team on a continuous improvement journey to deliver ever more value toward the IAEA’s important mission: Atoms for Peace and Development. We focus on Using Technology Better, Using Better Technology, Securely. MTIT is well into a transformation that achieves operational excellence, while also delivering on the six pillars of the IAEA’s Business Technology Strategy: Building an Adaptive IT Workforce, Implementing a Holistic IT Risk Management and Information Security Programme, Improving How the IAEA Works, Collaborating and Cooperating Across IT, Managing and Sharing Information, and Cultivating an Innovation Mindset.
The Infrastructure Services Section (ISS) focuses on the operational excellence, security, reliability, performance, and cost optimization of the IAEA’s network, compute and storage systems. We aim to modernize and use the Cloud when appropriate, ensuring the confidential, integrity, and availability of the IAEA’s information and information systems always come first. The Infrastructure Services Section includes three Units: Network and Telecommunications, Enterprise Systems, and Security Systems. We need innovative thinking to lead the Security Systems Unit. The Security Systems Unit has a unique and special role in the IAEA, as the Security Systems Unit Head will be responsible for the implementation of new security technologies, security incident response methods and plans, security event monitoring systems, malware detection and enterprise-level end-point protection solutions, and forensic investigations.
As a member of the ISS management team led by the Section Head, the Security Systems Unit (SSU) Head manages a team of ICT security engineers. He/she is responsible for engineering and administering central IT security systems, and integrating and holistically reviewing IT security across all systems on the network. He/she provides technical leadership, resource management and management of projects. The incumbent applies professional expertise on IT security (e.g. threat analysis, vulnerability management). He/she documents, manages and optimises operational security processes such as vulnerability management, security incident monitoring and security assessments. He/she advises on planning, design and implementation of protection, detection and forensic systems. He/she manages and coordinates the resolution of IT security incidents. Furthermore, he/she is responsible for sustaining service support measures and controls to ensure the resilience, performance, capacity and crisis recovery of those systems to meet the requirements of the organization.
The SSU Head performs the roles of supervisor; security, monitoring and forensic expert; and project manager.
Functions / Key Results Expected
• Leadership: provide SSU with a clear direction, define priorities, delegate work and motivate staff.
• Planning: support the Section Head in developing and implementing annual work and resource plans. Assess their applicability within the overall Business-Technology Strategic Plan. Recognize and actively seek ways to secure the Agency’s IT assets and services.
• Security Management: provide guidance by delivering a high level IT security roadmap based on ISO 27002; develop, propose, recommend, and implement security solutions; document procedures and assure compliance; implement technical control mechanisms; assess and integrate IT security controls for the entire network; and perform security assessments, forensic analysis and vulnerability testing, and make recommendations for corrective actions.
• Service Management: take overall responsibility for ensuring the resilience, performance and security of services within agreed service levels.
• Project Management: plan, monitor and control projects using the PRINCE2 methodology.
• Problem Solving: investigate and resolve problems for services within his/her own area of responsibility, delegate to team members as appropriate, following ITIL processes, and manage major incidents through their lifecycle.
Competencies and Expertise