Consultant Information Technology

DEADLINE FOR APPLICATIONS

WFP celebrates and embraces diversity. It is committed to the principle of equal employment opportunity for all its employees and encourages qualified candidates to apply irrespective of race, colour, national origin, ethnic or social background, genetic information, gender, gender identity and/or expression, sexual orientation, religion or belief, HIV status or disability.

ABOUT WFP

The World Food Programme is the world’s largest humanitarian organization saving lives in emergencies and using food assistance to build a pathway to peace, stability and prosperity, for people recovering from conflict, disasters and the impact of climate change.

At WFP, people are at the heart of everything we do and the vision of the future WFP workforce is one of diverse, committed, skilled, and high performing teams, selected on merit, operating in a healthy and inclusive work environment, living WFP's values (Integrity, Collaboration, Commitment, Humanity, and Inclusion) and working with partners to save and change the lives of those WFP serves.

To learn more about WFP, visit our website: https://www.wfp.org and follow us on social media to keep up with our latest news: YouTube, LinkedIn, Instagram, Facebook, Twitter, TikTok.

WHY JOIN WFP? 

• WFP is a 2020 Nobel Peace Prize Laureate.

• WFP offers a highly inclusive, diverse, and multicultural working environment.

• WFP invests in the personal & professional development of its employees through a range of training, accreditation, coaching, mentorship, and other programs as well as through internal mobility opportunities.

• A career path in WFP provides an exciting opportunity to work across the various country, regional and global offices around the world, and with passionate colleagues who work tirelessly to ensure that effective humanitarian assistance reaches millions of people across the globe.

• We offer an attractive compensation package (please refer to the Terms and Conditions section of this vacancy announcement).

JOB TITLE: Senior Cybersecurity Specialist
TYPE OF CONTRACT: Consultant
UNIT/DIVISION: TECI
DUTY STATION (City, Country): Remote
DURATION: Up to 31/Dec/2026 (renewable)

BACKGROUND AND PURPOSE OF THE ASSIGNMENT:
Under the overall supervision of the Chief of TECI and the direct supervision of a Head of Unit, the consultant will work with TEC Units and system owners to review corporate security standards and build, review and enforce robust compliance to the same. The Senior Cybersecurity Specialist will work as Subject Matter Expert for IT security aspects regarding the vulnerabilities and risks associated with WFP corporate platforms (LAN/WAN/Cloud, etc.) and will act as IT security checkpoint for new implementations (like AWS and Cloud migrations) with focus on Web applications, AI-based services and API-based infrastructures.

ACCOUNTABILITIES/RESPONSIBILITIES:
The consultant will be responsible for the following tasks:
•Serve as the subject matter expert (SME) and technical lead for activities that involve IT Security components on Internet-exposed WFP systems, with focus on the security posture of critical services.
•Enforce best practices on suggested course of action for vulnerability related Risks, provide in-depth analytics for un-mitigated Risks and identify related patterns to facilitate proper escalation to the relevant forum.
•Provide SME and advisory support to key stakeholders in the identification of vulnerabilities, security compliance issues and requirements, including mitigating or compensatory controls.
•Coordinate security assessments, reconnaissance exercises (e.g., “Shadow IT”), penetration testing and system-hardening activities and lead any post-test follow-up action needed.
•Research and analyze automation and integration of AI-powered tools to improve the overall cohesion of TECI vulnerability management platforms and workflows.
•Keep abreast of changes in the WFP cyberattack surface by means of continuous scanning and monitoring platforms on premises and on cloud to detect eventual non-standard misconfigurations, developing remediation and enforcement measures to restore compliance.
•Upon request by the Chief Information Security Officer, deliver SME and advisory support to other TECI units on the implementation projects led by TECI and other branches within TEC.
•Other duties as required by the IT Security Branch.

DELIVERABLES AT THE END OF THE CONTRACT:
•Extension of Vulnerability Management scope on multiple landscapes (Web Application Scanner, Cloud Network Scanner, Cloud Agent coverage, and Compliance Monitoring).
•Periodic security status reports and remediation actions for “crown-jewel”, web-based systems, and API interfaces, reporting on both technical and non-technical risks and mitigation activities.
•Security assessment and penetration testing as requested and corresponding status reports.
•Continuous hardening of Web-Applications, APIs and DevOps pipelines

•
Analysis, review and eventual validation/reject of new technology adoptions by TECI by means of market comparative analysis, execution of Proof of Concept exercises and functional testing and review.
QUALIFICATIONS & EXPERIENCE REQUIRED:
Education:
University Degree in Computer Science or Information Technology or equivalent hands-on experience (10+ years)
Experience:
•Minimum of 6 years of experience in the field of Information Technology Security
•Minimum of 6 years of experience in vulnerability management and ERP security
Knowledge & Skills:
•Broad IT and technology skills in general with focus on IT security tools, automation and security platforms integration
•In-depth expertise in vulnerability management platforms and related technologies
•Detailed knowledge of network security and secure network layouts
•Extensive knowledge of vulnerability assessment and penetration testing tools, with specific focus on Web applications, services and API infrastructures
•Broad experience in system hardening processes at all levels (network, operating systems, authentication/authorization, data)
•Sound knowledge of main authentication mechanisms (local, LAN-WAN, Cloud-based)
Languages:
Fluency (level C) in English language. Desirable Italian and/or any other UN official language.

WFP LEADERSHIP FRAMEWORK

WFP Leadership Framework guides to the common standards of behavior that guide HOW we work together to accomplish our mission.

Click here to access WFP Leadership Framework

REASONABLE ACCOMMODATION

WFP is committed to supporting individuals with disabilities by providing reasonable accommodations throughout the recruitment process. If you require a reasonable accommodation, please contact:  global.inclusion@wfp.org

NO FEE DISCLAIMER

The United Nations does not charge any application, processing, training, interviewing, testing or other fee in connection with the application or recruitment process. Should you receive a solicitation for the payment of a fee, please disregard it. Furthermore, please note that emblems, logos, names and addresses are easily copied and reproduced. Therefore, you are advised to apply particular care when submitting personal information on the web.

REMINDERS BEFORE YOU SUBMIT YOUR APPLICATION

• All applications must be submitted exclusively through our online recruiting system. We do not consider CVs or applications sent by email, LinkedIn, or any other channel.

• We strongly recommend that your Workday profile is accurate and complete, and that all sections are filled in, including your employment history, academic qualifications, language skills, and UN grade (if applicable). Once your profile is completed, please apply, and submit your application.

• If you experience technical issues while submitting your application, you may contact us at global.hrerecruitment@wfp.org. Please note that this email is only for technical issues with an application - unsolicited applications or documents sent to this inbox will not receive a reply.

• At the application stage, the only required documents are your CV and Cover Letter. Additional documents (passport, certificates, recommendation letters, etc.) may be requested later in the process.

• Only shortlisted candidates will be contacted and invited to proceed to the next stage of the recruitment process.

All employment decisions are made on the basis of organizational needs, job requirements, merit, and individual qualifications. WFP is committed to providing an inclusive work environment free of sexual exploitation and abuse, all forms of discrimination, any kind of harassment, sexual harassment, and abuse of authority. Therefore, all selected candidates will undergo rigorous reference and background checks.

No appointment under any kind of contract will be offered to members of the UN Advisory Committee on Administrative and Budgetary Questions (ACABQ), International Civil Service Commission (ICSC), FAO Finance Committee, WFP External Auditor, WFP Audit Committee, Joint Inspection Unit (JIU) and other similar bodies within the United Nations system with oversight responsibilities over WFP, both during their service and within three years of ceasing that service.