Individual Consultant - Cybersecurity expert (for Indian Nationals only)


Location : New Delhi, INDIA
Application Deadline :20-Jan-22 (Midnight New York, USA)
Type of Contract :Individual Contract
Post Level :National Consultant
Languages Required :
English  

UNDP is committed to achieving workforce diversity in terms of gender, nationality and culture. Individuals from minority groups, indigenous groups and persons with disabilities are equally encouraged to apply. All applications will be treated with the strictest confidence.

UNDP does not tolerate sexual exploitation and abuse, any kind of harassment, including sexual harassment, and discrimination. All selected candidates will, therefore, undergo rigorous reference and background checks.


Background

The Information Technology Service (ITS) is responsible for developing sustainable and affordable ICT solutions and providing integrated Solutions to meet the needs of UNOV-UNODC globally.

The India Technical Hub (EAD-ITH) located in New Delhi is a core pillar in the delivery of solutions under the UN Secretariats ICT strategy. ITS is developing an architecture and management processes to ensure the confidentiality, integrity and accessibility of United Nations Office on Drugs and Crime owned systems and data. As part of this strategy and under the oversight of Chief, ITS and direct supervision of the Head – ITH; the Cybersecurity expert will be responsible for the following:


Duties and Responsibilities

  • Provide support in the planning, specification, design, implementation, and maintenance of intrusion Detection Systems (IDS) in Field Offices.
    • Work with Intrusion Detection Systems (IDS), standard vulnerability analysis tools like Nmap and Nessus, and perform TCP/IP packet level diagnoses.
  • Perform regular security testing (e.g., Penetration Testing) for each Field Office - both externally and internally to establish vulnerabilities and provide mitigation measures.
    • Support stakeholders to identify security risks and mitigation strategies.
    • Receive and log problem calls or service requests in an automated tracking system.
    • Act as an ICT Security escalation point for Field Office locations.
    • Acts as incidence response coordinator - to handle the security incidence
  • Advise the UNODC Field Office locations on UN Secretariat policies for ICT Security and support implementation.
  • Perform administration, technical support, and monitoring of ICT security services.
  • Undertake complex trouble-shooting and basic forensics (in case of an incident) of server and security systems on Cisco and Checkpoint component-based LAN/WAN infrastructure.
  • Maintain the Security Advisory Tracker provided by OICT Cybersecurity detailing vulnerabilities and mitigation measures.
  • Maintain systems documentation.
  • Conduct research on new technologies as requested; keep abreast of developments in the field; assist in testing and evaluating new products and technologies.
  • Keep abreast of relevant ICT UN security standards, policies, and procedures.
  • Conduct duties as required.

Payment Scheduled:

  • Payments will be deliverable linked and would be made on satisfactory delivery of stipulated deliverables.
  • Payment would be only after acceptance from the Head – ITH.
  • Payment would come strictly as per the following schedule of payments:

Outputs and Deliverables

Payment Milestone

Deliverable target

  • Perform security testing (e.g., Penetration Testing) for 30 Field Offices - from external and internal to get information about their vulnerabilities. Apprise them of the same and develop a mitigation plan

 

20%

31 March 2022

  • Design and develop an implementation plan for deploying Intrusion Detection Systems (IDS) in 30 Field Offices across the globe.

 

20%

31 May 2022

  • Implement Intrusion Detection Systems (IDS) in 30 Field Offices across the globe

 

20%

30 June 2022

  • Undertake an assessment of various software systems and web portals developed and managed by Field offices for their offices and member states.

 

20%

30 September 2022

  • Prepare a consolidation report on Intrusion Detection System, way forward document, and security assessment guidelines for field office's networks.

 

20%

31 December 2022

  • Please note:
    • The expert will be given a complete orientation to the requirements before the start.
    • The expert is required to share their work frequently, and immediate feedback would be shared.
    • The expert would be required to submit all the source documents, designs, and assets and not reuse them for any of their external requirements.

 


Competencies

  • Professionalism: Excellent interpersonal and communication skills. Strong analytical, research, reporting, and writing abilities. Strong organizational and process management competencies. Ability to rapidly analyze and integrate diverse information from varied sources. Ability to produce a variety of written media products in a clear, concise, journalistic style. Ability to deliver oral presentations to various audiences. Is motivated by professional rather than personal concerns. Ability to apply judgment in the context of assignments given, plan own work and manage conflicting priorities, and remain calm in stressful situations. Shows persistence when faced with complex problems or challenges.
  • Accountability: Takes ownership of all responsibilities and honors commitments; delivers outputs for which one has responsibility within the prescribed time, cost, and quality standards; operates in compliance with organizational regulations and rules; supports subordinates, provides oversight, and takes responsibility for delegated assignments; takes personal responsibility for his/her own shortcomings and those of the work unit, where applicable.
  • Teamwork: Works collaboratively with colleagues to achieve organizational goals; solicits input by genuinely valuing others' ideas and expertise; is willing to learn from others; places team agenda before personal agenda; builds consensus for task purpose and direction with team members; supports and acts in accordance with final group decisions, even when such decisions may not entirely reflect own position; shares credit for team accomplishments and accepts joint responsibility for team shortcomings.


Required Skills and Experience

  • Education: University degree (Bachelor's degree or equivalent) in Computer Science or equivalent is required. Formal certification in information security is required for this profile.
  • Experience:     A minimum of five years of progressively responsible experience in a similar capacity is required. Experience in setting up of Intrusion Detection Systems, routers, and firewalls is required.
  • Languages:     English and Hindi

Evaluation Criteria:

The award of the contract shall be made to the individual consultant whose offer has been evaluated and determined as a response and has received the highest score out of a pre-determined set of weighted technical and financial criteria specific to the solicitation.

  • Technical Criteria weight - 70%.
  • Financial Criteria weight - 30%.
  • Only candidates obtaining a minimum of 49 points (70% of the total technical points) would be considered for the financial evaluation.

Criteria for Technical Evaluation:

  • Qualification – 10 marks.
  • Relevant Work Experience – 60 marks.

Criteria for Financial Evaluation:

Technically qualified consultants will be requested to submit their lump sum rate, i.e., consultants who score more than 70%, i.e., 49 marks with respect to the above-mentioned evaluation criteria. The consultant should not specify their consultancy fee on their CV or with the submission. The CV will not be evaluated further in case the consultant submits the same.

Candidates obtaining a minimum of 49 points/marks (70% of the total techncial points) only would be considered for the Financial Evaluation.

Document to be submitted:

Updated CV (particularly highlighting similar assignment and relevant work experience)

Note: 
1. Any kind of miscellaneous charges i.e. Internet, Phone, relocation etc. would not be reimburses.
2. Travel, Lodging and Boarding as per the UNDP rules, subject to the prior approval.
3. Individual working with Institutions may also apply, RLA (Reimbursement Loan Agreement) would be issued in the name of the Institutions for the specific services of the Individual.

UNDP strives to have a workforce which reflects diversity and gender balance, and applies an eauql opportunities approach. Qualified female canidates are strongly encouraged to apply.

All selections are on merit.



If you are experiencing difficulties with online job applications, please contact the eRecruit Helpdesk.

© 2016 United Nations Development Programme