VN 2021/070 SV National NIST Certification Officer NO-A (1 positions)

Open to Internal and External Candidates

Position title: National NIST Certification Officer

Position grade: NOA

Type of Appointment: OYFT

Closing Date : November 19, 2021

Duty station: El Salvador

Position number: VN 2021/070

Organizational context:

Under the direct supervision of the RSC Data Integrity Officer, and the overall supervision of the RSC Deputy Project Manager, the incumbent will analyze the USRAP information security framework, develop NIST 800-53 control documentation for the USRAP Resettlement Support Center (RSC) in Latin America , and monitor the progress of control implementation and effectiveness.


  1. Examine existing information security framework in IOM Resettlement Support Center (RSC) against NIST 800-53 certification standards and donor requirements, identifying gaps in compliance.
  2. Produce monthly gap reports.
  3. Communicate effectively and regularly with RSC management and the National NIST Certification Officer in Washington DC for addressing gaps and mitigating identified risks.
  4. In coordination with RSC management and technical focal points, produce NIST 800-53 control documentation covering each RSC hub and office.
  5. Assist the USRAP Data Integrity and Reports Officer (Washington, DC) and the National NIST Certification Officer (Washington, DC) with coordinating the implementation of USRAP information security requirements, NIST controls and external audits between IOM ICT, RSC management, department focal points in IOM and technical focal points for the donor.
  6. Offer expertise, written and oral, in interpretation of security controls, risk and overall results to RSC management as needed.
  7. Contribute to Authorization to Operate documentation.
  8. In cooperation with the ICT security team, perform functional, operational and vulnerability testing of the USRAP information security infrastructure.
  9. Maintain and ensure the confidentiality and integrity of all personnel-related information by implementing control procedures in line with IOM standards of conduct and data protection rules.
  10. Perform other related functions as required.

Education and Experience

* Bachelor’s degree in computer science, information systems, cyber security, computer engineering, or other related discipline

* Certificates of completion of auditing courses in information security

* A minimum of two years of relevant experience in information security, information security auditing, or security documentation

* Experience with government or intergovernmental organizations is an advantage.


· Strong analytical and technical skills – ability to assess information security infrastructure with great attention to detail.

· Familiarity with enterprise information technology infrastructure such as Azure, Microsoft 365, cloud hosting and VPN.

· Excellent communication, interpersonal and writing skills.

· Excellent computer skills and proficiency in Microsoft Office applications.

· Relevant experience in IOM policies and procedures would be an advantage


Fluency in Spanish and English (Oral and Written)

Required Competencies

Values – all IOM staff members must abide by and demonstrate these three values:**

  • Inclusion and respect for diversity: respects and promotes individual and cultural differences; encourages diversity and inclusion wherever possible.
  • Integrity and transparency: maintains high ethical standards and acts in a manner consistent with organizational principles/rules and standards of conduct.
  • Professionalism: demonstrates ability to work in a composed, competent and committed manner and exercises careful judgment in meeting day-to-day challenges.

Core Competencies – behavioural indicators level 2*

  • Teamwork: develops and promotes effective collaboration within and across units to achieve shared goals and optimize results.
  • Delivering results: produces and delivers quality results in a service-oriented and timely manner; is action oriented and committed to achieving agreed outcomes.
  • Managing and sharing knowledge: continuously seeks to learn, share knowledge and innovate.
  • Accountability: takes ownership for achieving the Organization’s priorities and assumes responsibility for own action and delegated work.
  • Communication: encourages and contributes to clear and open communication; explains complex matters in an informative, inspiring and motivational way.

Managerial Competencies – behavioural indicators level 2

  • Leadership: provides a clear sense of direction, leads by example and demonstrates the ability to carry out the organization’s vision; assists others to realize and develop their potential.
  • Empowering others & building trust: creates an atmosphere of trust and an enabling environment where staff can contribute their best and develop their potential.
  • Strategic thinking and vision: works strategically to realize the Organization’s goals and communicates a clear strategic direction

How to apply

How to apply


Interested internal candidates are invited to submit their applications by completing and sending the Internal Application Form (form attached), a letter of interest, and a CV to the following e-mail address: by November 19th, 2021 at the latest, referring to this advertisement.

External Candidates that comply with the profile will need to send the Resume and a letter of interest to by November 19th, 2021 at the latest, referring to this advertisement.


• The motivation/cover letter should be a maximum of 1 page long and in English. It should state the position(s) you are applying for

• The CV should be a maximum of 2 pages long and in English.


• Only the applications that comply with the required profile will be taken into consideration.

• Those applications received after the due date or the ones that don’t include the name of the position, will not be considered.

• This vacancy is open for local staff or international staff with legal permit to work in the Country.

• The attachment shouldn’t weight over 2 MB.