Organisation for the Prohibition of Chemical Weapons vacancy search engine

Information Security Officer (Confidentiality) P-3


COMPLETE OUTLINE

Under the direction of the Head of Confidentiality and Information Security the post holder will undertake the following duties:

1. Develop and oversee the implementation of confidentiality-related policies, procedures and working instructions affecting all staff members throughout the Secretariat.

  • Assist the Head of the Confidentiality and Information Security Section (Head CISS) in developing and internally coordinating all confidentiality-related policies and procedures intended to be applicable Secretariat-wide to facilitate the work of the Organisation. 
  • Participate in meetings and informal consultations with Member States in which Confidentiality issues are discussed.  As requested by the Head of OCS or the Head of Section, brief and otherwise inform such meetings/consultations on specific confidentiality-related issues.
  • Co-ordinate with staff members of other branches/units to ensure that confidentiality requirements of the CWC are met during the daily operations of the Secretariat.
  • Draft all amendments to relevant policy documents, procedures, and guidance (i.e., the Manual of Confidentiality Procedure (MCP), identify and/or notify, and subsequently create new versions of the documents as required.
  • Assist with and coordinate the identity and access management system, specifically to the Secretariat’s Security Critical Areas (SCAs) and Security Critical Network (SCN) in accordance with the requirements of the OPCW Confidentiality Regime.
  1. Ensure that Statements of Access to Confidential Information (SACIs) for all staff members are maintained in an up-to-date and useable manner.
  1. Maintain the Confidential Information Access Register (CIAR) and co-ordinate the physical access rights of staff and non-staff.
  1. Monitor user access on the SCN ensuring access to confidential information is in line with that authorised through the CIAR.
  1. Regularly monitor access to confidential information on the SCN and follow-up access anomalies and/or questionable access to ensure (possible) breaches of confidentiality procedure are properly documented and reported to the Head of Section.
  • Provide confidentiality-related advice/assistance to OPCW inspection and non-routine mission teams as necessary and advise the Head of Section of recurring problem areas that may require additional guidance and/or training to be provided.
  • Serve as Secretary to the Confidentiality Commission providing all necessary assistance to the Chairman and Vice Chairs of the Commission during preparations for, conduct, and follow-up to annual or special meetings of the Commission.

  

2. Under the direction of the Head of Section, review new/amended Secretariat Administrative Directives (AD), policies, Standard Operating Procedures (SOPs) or Working Instructions (WIs) which may have an impact on OPCW confidential information or the handling and protection thereof.

 

  • Report to the Head of Section any threats/vulnerabilities to the handling/protection of OPCW confidential material that may be introduced by such new/amended documents. 
  • Recommend confidentiality and security controls to be introduced in such documents to adequately address the requirements of the OPCW Confidentiality Regime – particularly in areas related to the registration, secure archiving, reproduction, transmittal, destruction and electronic processing of confidential information and material.

          

3.  Under the direction of the Head of Section, organise and conduct training for all Secretariat staff, subsidiary organs of the OPCW and National Authority personnel on the handling and protection of confidential information and in support of the information security programme

  • Design/create and deliver to Secretariat staff regular Confidentiality and Security Induction training and annual refresher courses and, where necessary, provide specialised training for distinct user groups with varying levels of access to confidential information and security critical computing systems.
  • When necessary, provide briefings to cover confidentiality issues specific to particular inspection and non-routine missions, and provide team debriefings as necessary to discover and, if possible, immediately address specific problem areas.
  • When tasked by the Head of Section or Head of OCS, assist with promoting the security awareness programme by assisting with the creation of newsletters, bulletins, intranet posts, and training sessions. 
  • When tasked by the Head of Section or Head of OCS, provide training on issues relating to confidentiality to the Confidentiality Commission, Scientific Advisory Board and national/regional Member States seminars to provide participants a better understanding of confidentiality requirements, as well as the rights and obligations incurred by Member States under the Confidentiality Regime.

          

4.  Under the direction of the Head of Section, conduct of preliminary enquiries into (alleged) breaches of confidentiality and/or violations of confidentiality procedures;

  • Report all violations of the Confidentiality Regime to the Head of Section and advise on the conduct of respective enquiries and investigations. 
  • Advise/assist staff members on the proper reporting of (potential) breaches of confidentiality and/or confidentiality incidents and, as/when necessary, ensure such breaches/incidents are highlighted to the Head of Section and Head of OCS as soon as practically possible.
  • As directed by the Head of Section, assist in the collection of information pertaining to specific (potential) beaches of confidentiality or security incidents as part of the preliminary enquiry process. 
  • At the request of the Head of Section or Head of OCS, assist in conducting the full investigation of confidentiality incidents and other (information) security incidents when authorised/directed by the Director-General.

          

5.  Assist the Head of Section and contribute to the drafting of the Director General's “Annual Report on the Implementation of the Regime Governing Confidentiality” to the Conference of States Parties and any other report requiring input from the OCS Confidentiality.  

6.  Provide budget inputs to the Head of Section for confidentiality-related travel/ necessary to support the work of the Section.          

7.  Serve as Acting Head of Confidentiality and Information Security Section in cases of absence of the Head of Section.

8.  Perform other duties as required.

 

RECRUITING PROFILE:  

Education (Qualifications):

Essential:  

Advanced university degree or equivalent in security management, risk management, information security, law, administration or other relevant field. A first university degree in combination with qualifying experience (minimum of 7 years) within a national classified information management regime may also be accepted in lieu of an advanced university degree. Documented professional experience and/or specialised training in security management, risk management, information security, law administration or other relevant field may be considered in lieu of a first university degree. 

 

Desirable: 

Completion of formal training and related knowledge of classified/confidential information handling procedures, measures and controls.

 

Experience:  

Essential:  

  • At least 5 years of progressively responsible experience in the area of classified/confidential information management in a government or business environment with an advanced degree or 7 years with a first level degree, or with an additional 11 years in lieu of a university required. This must include as a minimum practical experience in;
    • Experience in assisting with the development and implementation of guidelines for use in managing operations in secure environments, particularly in relation to the handling of confidential and sensitive information assets;
    • Experience in assisting in the conduct of security investigations and risk assessments;
    • Experience in organising and conducting confidentiality training programmes;

 

Desirable:  Experience as a security auditor would be beneficial; Experience in the implementation of recognised privacy standards/regulatory requirements would be an asset.  

 

Skills and Abilities (key competencies):

  • Excellent knowledge of information security management and risk evaluation/assessment;
  • Excellent working knowledge of basic management and operations principles of a classified/confidential information management regime.
  • Excellent analytical and conceptualisation skills and an ability to plan and organise complicated processes;
  • Excellent inter-personal, interview and negotiation skills; 
  • Excellent communication skills, with a demonstrated ability to present information clearly and logically both verbally and in writing;
  • Strong computer skills and a demonstrated ability to draft, edit and present documents/papers in the English language;
  • Ability to act with discretion and tact in sensitive situations;
  • Ability to work well in a team with people of different national/cultural backgrounds.

 

Language Requirements:  Fluency in English is essential and a good working knowledge of one of the other official languages (Arabic, Chinese, French, Russian, and Spanish) is desirable.