Support and coordinate the information security governance function within UNHCR to promote consistent and high‑quality information security management in support of business objectives.
Contribute to the development and refinement of the information security approach and operating model in consultation with relevant stakeholders.
Monitor the global application of UNHCR's information security policy.
Facilitate governance processes and support the functioning of relevant coordination bodies, including preparing inputs and documentation.
Prepare regular reporting on the status of the information security activities, risks, and compliance for management and stakeholders.
Liaise with the vendor management and procurement functions to ensure that information security requirements are included in contracts.
Understand and interact with related disciplines to ensure the consistent application of policies and standards across all technology projects, systems and services, including privacy, risk management, compliance and business continuity management.
Provide clear risk-mitigating directives for projects with components in IT, including the mandatory application of controls.
Support the coordination of a cost-efficient information security organization consisting of dotted line reports of individuals across the organiz
Benefits
Vision insurance
Additional Information
Please note that this vacancy is only open to eligible staff members who have been individually notified of their eligibility to apply for positions advertised in the Accelerated Posting Compendium.
Deadline for Applications
June 12, 2026
Hardship Level
H (no hardship)
Family Type
Family
Residential location (if applicable)
Grade
PR4
Staff Member / Affiliate Type
Professional
Reason
Regular > Regular Assignment
Target Start Date
2026-06-01
Standard Job Description
Senior Information Security Officer
Organizational Setting and Work Relationships
Under the supervision of Chief Information Officer (CIO) and Director of the Information Technology Service (ITS), the Senior Information Security Officer (Senior ISO) supports and contributes to the implementation of UNHCR's information security policies and strategies to ensure that information assets and associated technology, applications, systems, infrastructure and processes are adequately protected in the digital ecosystem in which we operate. The Senior ISO is also analysis and advice on legal and regulatory, IT, and cybersecurity risks to information assets, keeping these risks aligned with the organization's evolving strategic priorities as well as operational requirements. A key element of the Senior ISO's role is supporting UNHCR's senior management to determine acceptable levels of risk for the organization in the context of Information Security.
The size and scope of the UNHCR Senior ISO role requires a leader who brings an expert knowledge of cybersecurity technologies covering the corporate systems as well as the broader digital ecosystem and quickly develops a sound knowledge of UNHCR's core business needs. The incumbent supports and coordinates the implementation of information security program, working across diverse stakeholders and functions, and contributing to consistent and effective application of security controls without direct line authority.
The Senior ISO proactively works with UNHCR's divisions and regional bureaux and external partners to support compliance monitoring with agreed-on policies and standards for information security. S/he supports the coordination and provides technical input into cybersecurity and risk management activities related to IT to ensure the achievement of the organization's operational outcomes where the process is dependent on technology. S/he articulates the impact of cybersecurity on UNHCR's systems supporting operations, be able to efficiently communicate this to the CIO and other senior stakeholders.
The Senior ISO supports second‑line assurance activities related to confidentiality, integrity and availability, in accordance with established governance frameworks. Access to information systems and records is exercised in line with applicable rules, procedures and delegated authorizations. The role requires the consistent application of professional judgment and contributes to good practice through collaboration with relevant stakeholders and networks.
All UNHCR staff members are accountable to perform their duties as reflected in their job description. They do so within their delegated authorities, in line with the regulatory framework of UNHCR which includes the UN Charter, UN Staff Regulations and Rules, UNHCR Policies and Administrative Instructions as well as relevant accountability frameworks. In addition, staff members are required to discharge their responsibilities in a manner consistent with the core, functional, cross-functional and managerial competencies and UNHCR's core values of professionalism, integrity and respect for diversity.
Unhcr · Geneva, Switzerland