About Us
The Office of Confidentiality and Security, is located within the Office of the Director-General.
The Operations Security Section is responsible for the provision of safe workplaces and the protection of OPCW assets.
The Confidentiality and Information Security Section is responsible for the protection of information and communications systems, and assists States Parties and the Secretariat with the implementation of the confidentiality regime.
General Information
Responsibilities
Job Summary
The Office of Confidentiality (OCS) sets the framework, provides the guidelines, institutes the measures and implements the provisions necessary to guarantee and enforce the fulfilment of the stringent OPCW confidentiality regime; operational security of the Secretariat's assets; the security of all its electronic systems; the confidentiality of all classified material and its safeguarding. Whilst the security regime for the protection of personnel, property, operations and information are the responsibility and main objectives of the OCS, more widely OCS delivers security management in support of all OPCW missions, investigations and activities.
The Confidentiality and Information Security Section is responsible for the implementation and management of the confidentiality regime and information security programme by exercising both advisory and oversight of all information security aspects of all business processes and information, communication, technology (ICT)-related functions and responsibilities.
Main Responsibilities
Under the general supervision of the Head Confidentiality and Information Security Section, the Information Security Officer is responsible for the following:
Coordinate all aspects of the OPCW information security programme with daily management and implementation of information and ICT security measures to ensure the preservation of the confidentiality, integrity and availability of OPCW’s information.
- Serve as an information security focal point at the detailed technical level for all information security related programmes and projects and advises the Head Confidentiality and Information Security on all information security related matters;
- Ensure compliance with the organisational and relevant industry standards (i.e., ISO 27001) is maintained for all ICT, data systems and assets;
- Develop and maintain information security related policies, procedures, standards, and guidelines for secure ICT to support the mandate of the OPCW by maintaining an adequate balance between effective confidentiality and information security controls and an efficient and unimpeded discharge of the OPCW’s tasks;
- Communicate and enforce information security policies, procedures, standards, and guidelines to all personnel and relevant stakeholders;
- Conduct and review security audits of ICT service providers, to include the full supply chain, in accordance with the relevant contractual agreements;
- Perform routine security monitoring of all networks (internet connected and non-internet connected), to include identification of critical functions and vulnerabilities in accordance with relevant policies and procedures;
- Collaborate with staff members of other branches/units and relevant stakeholders to provide guidance on confidentiality and information security requirements to ensure the Organisation is compliant with the security standards;
- Monitor user access across all networks ensuring access to confidential and sensitive information is in line with that authorised within the framework of relevant policies and procedures.
- Ensure ICT assets are managed and monitored for performance to ensure effective security measures are in place;
- Participate in activities related to changes to the organisation, business processes, information process facilities and systems to ensure internal controls are in place.
To view the complete job outline please click here.
Qualifications and Experience
Education
Essential:
- Advanced university degree in information security or related field;
- A first level university degree in any relevant subjects in combination with qualifying experience (minimum 7 years) may be accepted in lieu of the specified university degree.
Required Certification:
- Relevant industry certifications (e.g., CISSP, CISM, CCSP, etc.)
Desirable Certification:
- CRISC, GIAC, Vendor certifications, network administration, etc.
Knowledge and Experience
Essential:
At least 5 years of relevant working experience in the information security profession (minimum 7 years with a first level university degree) with significant experience in information security implementation, to include practical experience in:
- Designing ICT security solutions;
- Experience in incident monitoring and security investigations;
- Experience in assisting and conducting of security risk assessments;
- Experience in advising on and testing of security of ICT environments;
- Firewall administration and monitoring;
- Experience in the supervision of operations within secure environments and information processing systems;
Desirable:
- Experience with certificate authority management, Microsoft Office 365 Security, Cloud security, and digital forensics;
- Experience in an international organisation.
Skills and Competencies
Abilities (key competencies):
- Knowledge of information security principles and best practices;
- nowledge of industry standards and frameworks (e.g., NIST, ISO 27001, etc.)
- Experience in the development and drafting of information security-related policies.
- Hands on experience in using information security tools and technologies (e.g., SIEM, IDS/IPS, antivirus, firewalls, etc.);
- Excellent analytical and conceptualisation skills and an ability to plan and organise complicated processes;
- Excellent inter-personal, interview and negotiation skills;
- Excellent communication skills, with a demonstrated ability to present information clearly and logically both verbally and in writing;
- Demonstrated ability to draft, edit and present documents/papers in the English language;
- Ability to act with discretion and tact in sensitive situations;
- Ability to work well in a team with people of different national/cultural backgrounds.
Other Skills:
- Diplomacy and demonstrated ability to work in an international organisation with diverse cultures.
Languages
Fluency in English is essential and a good working knowledge of one of the other official languages (Arabic, Chinese, French, Russian, and Spanish) is desirable.
Additional Information
This fixed-term appointment is for the duration of two years with a six-month probationary period, and is subject to the OPCW Staff Regulations and Interim Staff Rules.
The OPCW is a non-career organisation with limited staff tenure. The total length of service for Professional staff shall not exceed 7 years.
The mandatory age of separation at the OPCW is 65 years.
This fixed-term appointment is for the duration of two years with a six-month probationary period, and is subject to the OPCW Staff Regulations and Interim Staff Rules.
The OPCW is a non-career organisation with limited staff tenure. The total length of service for Professional staff shall not exceed 7 years.
The mandatory age of separation at the OPCW is 65 years.
The Director-General retains the discretion to not make any appointment to this vacancy, to make an appointment at a lower grade, or to make an appointment with a modified job description. Several vacancies may be filled.
Only fully completed applications submitted before the closing date and through OPCW CandidateSpace will be considered. Only applicants under serious consideration for a post will be contacted.
Fixed-term staff members participate in the OPCW Provident Fund. A monthly staff contribution is met with a doubled amount by the OPCW under the provisions for social security. As the OPCW is exploring membership of the United Nations Joint Staff Pension Fund (UNJSPF), staff participation in the Provident Fund may be replaced by participation in the UNJSPF effective 1 January 2025.
Applications from qualified female candidates are strongly encouraged.
OPCW General Terms and Conditions
Important notice for applicants who are currently insured under the Dutch Social Security system
Although headquartered in the Netherlands, the OPCW is not a regular Dutch employer but a public international organisation with its own special status. Please be advised that if you are currently insured under the Dutch Social Security system, you will be excluded from this system as a staff member of the OPCW. You will consequently be insured under the organisation’s system. The above also applies to your dependents unless they are employed by a regular Dutch employer, they are self-employed in the Netherlands, or are receiving Dutch social security payments.
Please refer to the website of the Ministry of Social Affairs and Employment for more information about the possible consequences for you and your dependents, such as exclusion from ‘AWBZ’ and ‘Zorgverzekeringswet’ coverage: ‘Werken bij een internationale organisatie’.