Associate Digital Security Officer

Post Number: DBS 194

Grade: P-2

Parent Sector: Bureau for Digital Business Solutions (DBS)

Duty Station: Paris

Job Family: Computer Sciences / Information Technologies

Type of contract: Fixed Term

Duration of contract: 2 years, renewable

Recruitment open to: Internal and external candidates

Application Deadline (Midnight Paris Time): 08-NOV-2025

UNESCO Core Values: Commitment to the Organization, Integrity, Respect for Diversity, Professionalism

This post is located within the Bureau of Digital Business Solution (DBS), under the direct supervision of the Head of Digital Security, Archives and Digital Assets Section. The overall objective of the role is to ensure the smooth ongoing operation of cybersecurity activities within UNESCO’s Digital Security team.

The Associate Digital Security Officer will significantly engage and interact with internal and external IT technical teams and cybersecurity specialists. He/she works with the Digital Security Team and provides relevant and contextualized technical information to efficiently respond to incident, enhance organizational’s resilience, and improve the cybersecurity posture of the Organization overall. The Associate Digital Security Officer will be a key part of a dynamic team kickstarting a major overhaul of IT infrastructure to support UNESCO’s accelerating digital transformation and move to the cloud.

The work involves a range of assignments related to the development and maintenance of a secure IT infrastructure and digital solutions, with the objective of ensuring reliability, resilience and compliance to protect UNESCO against external and internal cybersecurity threats.

• Manage Security Operations: Provide smooth and effective information security operations, ensuring the timely evolution of capability and adopting industry best practices; provide regular reporting to the Chief Information Security Officer. Maintain an up-to-date cartography of all resources, equipment and software ensuring optimum protection and detection against the main threats. Contribute to evaluating new security software, products, and services.
• Supervise security monitoring and manage incident response: Manage the relationship and act as the main contact with the managed security service provider (SOC), ensuring compliance with the contract, and the relevance and responsiveness of the actions performed. In collaboration with the provider, manage information security incident response, investigate, take appropriate corrective actions to prevent future similar security breaches and provide thorough post-event analyses.
• Monitor security policy compliance: Exercise an advice and control function to ensure that UNESCO IT products and services comply with corporate security policies. Conduct regular security audits and risk assessments including developing scripts and solutions to review the security configuration of digital assets, propose and implement appropriate remediation measures to safeguard the information security posture of the Organization. Ensure that all products are configured according to vendors recommendations and best practices from an information security point of view. Monitor patch management frequency and scheduling, advise operational teams.
• Other activities: Keep abreast of and evaluate information security innovation, solutions, trends and best practices to respond to the continually evolving need to protect the digital assets of the Organization. Support the drafting and implementation of digital security policies aligned to the risk tolerance of the Organization. Advise on digital security related matters as necessary.

• Communication
• Accountability
• Innovation
• Knowledge sharing and continuous improvement
• Planning and organizing
• Results focus
• Teamwork
• Professionalism

For detailed information, please consult the UNESCO Competency Framework.

• An advanced university degree (Master’s or equivalent) in computer sciences, information security, information technology or a related field.

• At least two (2) years of relevant professional experience and proven capacity in threat analysis and security incident response, of which preferably 1 year acquired at international level.

• In-depth knowledge and understanding of application security, cloud security (particularly Microsoft Azure), and systems security, as well as security solutions.
• Good knowledge of operating systems, Windows and Linux, as well as networking protocols.
• Broad knowledge of current and emerging technologies, industry trends and best practices together with demonstrated experience evaluating their strategic value.
• Analytical skills and the ability to effectively troubleshoot and prioritize needs, requirements and other issues.
• Good communication skills.

• Excellent knowledge (written and spoken) of English or French and good knowledge of the other language.

• Professional Certifications in Comp tia Sec+, Network+, CEH or Azure Security Engineer would be an asset.

• Experience in an international and cross-cultural setting would be preferable.

• Knowledge of another official UNESCO language (Arabic, Chinese, Russian or Spanish).

UNESCO’s salaries consist of a basic salary and other benefits which may include if applicable: 30 days annual leave, family allowance, medical insurance, pension plan etc.

The approximate annual starting salary for this post is 87 929 US $.

For full information on benefits and entitlements, please consult the staff benefits guide.

Please note that all candidates must complete an on-line application and provide complete and accurate information. To apply, please visit the UNESCO careers website. No modifications can be made to the application submitted.

The evaluation of candidates is based on the criteria in the vacancy notice, and may include tests and/or assessments, as well as a competency-based interview.

UNESCO uses communication technologies such as video or teleconference, e-mail correspondence, etc. for the assessment and evaluation of candidates.

Please note that only selected candidates will be further contacted and candidates in the final selection step will be subject to reference checks based on the information provided.

Note: This description is a refined formatting of the original content to comply with tag restrictions.