Cybersecurity Advisory & Protection Services Officer P4 - Rome, Italy

DEADLINE FOR APPLICATIONS

WFP celebrates and embraces diversity. It is committed to the principle of equal employment opportunity for all its employees and encourages qualified candidates to apply irrespective of race, colour, national origin, ethnic or social background, genetic information, gender, gender identity and/or expression, sexual orientation, religion or belief, HIV status or disability.

ABOUT WFP

The World Food Programme is the world’s largest humanitarian organization saving lives in emergencies and using food assistance to build a pathway to peace, stability and prosperity, for people recovering from conflict, disasters and the impact of climate change.

At WFP, people are at the heart of everything we do and the vision of the future WFP workforce is one of diverse, committed, skilled, and high performing teams, selected on merit, operating in a healthy and inclusive work environment, living WFP's values (Integrity, Collaboration, Commitment, Humanity, and Inclusion) and working with partners to save and change the lives of those WFP serves.

To learn more about WFP, visit our website: https://www.wfp.org and follow us on social media to keep up with our latest news: YouTube, LinkedIn, Instagram, Facebook, Twitter, TikTok.

WHY JOIN WFP? 

• WFP is a 2020 Nobel Peace Prize Laureate.

• WFP offers a highly inclusive, diverse, and multicultural working environment.

• WFP invests in the personal & professional development of its employees through a range of training, accreditation, coaching, mentorship, and other programs as well as through internal mobility opportunities.

• A career path in WFP provides an exciting opportunity to work across the various country, regional and global offices around the world, and with passionate colleagues who work tirelessly to ensure that effective humanitarian assistance reaches millions of people across the globe.

• We offer an attractive compensation package (please refer to the Terms and Conditions section of this vacancy announcement).

ORGANIZATIONAL CONTEXT

The position is based in Rome, Italy and reports to the Chief Information Security Officer (CISO), as part of the broader Technology Division.

The information security landscape is rapidly evolving, making cybersecurity a top priority for WFP. With a global presence and a decentralized decision-making structure, WFP is committed to fostering proactive IT operations to minimize risk exposure, detect and respond to advanced threats, ensure ongoing compliance, and optimize security operations costs.

The incumbent will provide Subject Matter Expert (SME) expertise in cybersecurity, offering specialized knowledge and support to ensure the effective delivery of cyber advisory services. The SME will contribute technical insights, develop solutions, and collaborate with cybersecurity professionals to address complex security challenges. This role is instrumental in supporting the business through expert advisory activities, including but not limited to risk management, compliance, and the development of secure IT practices.

JOB PURPOSE

To lead and oversee strategic cybersecurity initiatives at WFP, providing expert guidance to protect mission-critical operations in a rapidly evolving digital landscape. As both a subject matter expert and driver of key activities within the Cybersecurity Advisory and Protection Services team, the incumbent will deliver consulting services across cybersecurity standards, architecture, data protection, cloud and AI security, and more—supporting WFP’s global operations through enhanced resilience, awareness, and assurance.

KEY ACCOUNTABILITIES

• Provide expertise in the daily operations of Cybersecurity Advisory and Protection Services team, ensuring effective security measures and alignment with organizational needs. Deliver detailed reporting on critical activities, incidents, and progress to the Chief Information Security Officer (CISO).
• Act as a liaison between cybersecurity functions, technical branches, and business units, offering expert-level guidance to integrate cybersecurity into organizational processes and strategic initiatives.
• Provide expert support and advisory services to County Offices and Regional Bureaus to address cybersecurity challenges and maintain compliance with corporate security standards.
• Lead comprehensive reviews of proposed network architectures, IT solution configurations, and system integrations to identify and mitigate potential security risks, ensuring adherence to risk management best practices and policies.
• Develop, implement, and maintain cybersecurity standards, frameworks, policies, and guidelines to elevate the organization's overall security maturity, with particular focus on emerging technologies such as cloud services and IoT environments.
• Oversee the end-to-end lifecycle of cybersecurity policies, including their drafting, stakeholder approvals, corporate dissemination, implementation, adoption monitoring, and enforcement mechanisms.
• Represent Information Security branch (TECI) in all interactions with the Office of Inspector General (OIG), ensuring compliance and proactive engagement in audit and investigation activities.
• Manage the Third-Party Cybersecurity Assessment Program to evaluate and mitigate supply chain risks, ensuring vendor compliance with organizational security requirements and standards.
• Partner with organizational leadership and other teams to identify current and emerging security risks, design robust security strategies, and implement solutions to reduce exposure and enhance resilience.
• Build and sustain effective relationships with key stakeholders, including Legal, Compliance, Risk Management, the Global Privacy Office, and other oversight functions, to conduct joint reviews, ensure audit readiness, and address policy violations.
• Provide expertise in cybersecurity awareness and training activities to promote a culture of security.
• Lead consulting engagements across organizational units and UN-affiliated entities, providing expertise in cybersecurity and data protection to drive successful execution of projects.
• Defend the organization by building and implementing security processes and procedures to protect and respond to organizational risks that relate to cybersecurity.
• Perform other duties as required.

QUALIFICATIONS AND EXPERIENCE
Education:

• University degree (Bachelor or equivalent) in Information Security, Computer Science, Information Technology, or related field.
• At least one professional certification (CISSP, CISM, CISA, or OSCP) in the field of information security is required.

Experience:

• At least 8 years of progressively responsible work experience in information security, including advisory or consulting roles, policy development and working with internal audit or investigations unit. Previous work experience in or with international organizations or UN agencies is highly desirable.

Language:

• Fluency (level C) in English language. Intermediate knowledge (level B) of a second official UN language: Arabic, Chinese, French, Russian, Spanish, and/or Portuguese (a WFP working language).

MORE ABOUT YOU

You have:

• Sound IT Security skills, with both academic background and practical hands-on experience
• Deep understanding of industry standards and frameworks such as NIST Cybersecurity Framework (CSF), ISO/IEC 27001, CIS Controls, and other relevant compliance standards and regulations.
• Solid IT SDLC expertise.
• Experience in working with Cloud and Network security
• Good project management skills.
• Ability to effectively manage multicultural teams, coaching and mentoring and managing the performance of employees.
• Ability to effectively engage and present technical concepts to leadership and business, and act as a bridge between IT, business and oversight bodies
• Proven experience in risk assessment, threat modelling, and mitigation.

TERMS AND CONDITIONS

This is an International Professional position and is open to all nationalities.

Mobility is and continues to be a core contractual requirement in WFP. This position is however classified as “non-rotational” which means the incumbent shall not be subject to the regular reassignment process unless the position is reclassified as rotational. The selected candidate will be employed on a fixed-term contract with a probationary period of one year. This position is open to both internal and external candidates.

WFP offers an attractive compensation and benefits package in line with ICSC standards (http://icsc.un.org) including basic salary, post adjustment, relocation entitlement, visa, travel and shipment allowances, 30 days’ annual leave, home leave, an education grant for dependent children, a pension plan, and medical insurance.

The selected candidate will be required to relocate to Rome, Italy to take up this assignment.

WFP LEADERSHIP FRAMEWORK

WFP Leadership Framework guides to the common standards of behavior that guide HOW we work together to accomplish our mission.

Click here to access WFP Leadership Framework

REASONABLE ACCOMMODATION

WFP is committed to supporting individuals with disabilities by providing reasonable accommodations throughout the recruitment process. If you require a reasonable accommodation, please contact:  global.inclusion@wfp.org

NO FEE DISCLAIMER

The United Nations does not charge any application, processing, training, interviewing, testing or other fee in connection with the application or recruitment process. Should you receive a solicitation for the payment of a fee, please disregard it. Furthermore, please note that emblems, logos, names and addresses are easily copied and reproduced. Therefore, you are advised to apply particular care when submitting personal information on the web.

REMINDERS BEFORE YOU SUBMIT YOUR APPLICATION

• We strongly recommend that your profile is accurate, complete, and includes your employment records, academic qualifications, language skills and UN Grade (if applicable).

• Once your profile is completed, please apply, and submit your application.

• Please make sure you upload your professional CV in the English language

• Kindly note the only documents you will need to submit at this time are your CV and Cover Letter

• Additional documents such as passport, recommendation letters, academic certificates, etc. may potentially be requested at a future time

• Please contact us at global.hrerecruitment@wfp.org in case you face any challenges with submitting your application

• Only shortlisted candidates will be notified

All employment decisions are made on the basis of organizational needs, job requirements, merit, and individual qualifications. WFP is committed to providing an inclusive work environment free of sexual exploitation and abuse, all forms of discrimination, any kind of harassment, sexual harassment, and abuse of authority. Therefore, all selected candidates will undergo rigorous reference and background checks.

No appointment under any kind of contract will be offered to members of the UN Advisory Committee on Administrative and Budgetary Questions (ACABQ), International Civil Service Commission (ICSC), FAO Finance Committee, WFP External Auditor, WFP Audit Committee, Joint Inspection Unit (JIU) and other similar bodies within the United Nations system with oversight responsibilities over WFP, both during their service and within three years of ceasing that service.