Organisation for Economic Co-operation and Development (OECD)

OECD Paris, France

Technical Adviser – Information Security Management ( Job Number: 15647 )

Application Closing Date: 30-09-2022, 9:59:00 PM

The OECD is a global economic forum working with 38 member countries and more than 100 emerging and developing economies to make better policies for better lives. Our mission is to promote policies that will improve the economic and social well-being of people around the world. The Organisation provides a unique forum in which governments work together to share experiences on what drives economic, social and environmental change, seeking solutions to common problems.

The Global Forum on Transparency and Exchange of Information for Tax Purposes (the Global Forum) has played a key role in the development and acceptance of international standards on transparency and effective exchange of information (EOI) for tax purposes and in monitoring progress in implementing these standards. It has played a critical role in the international community’s efforts over the past ten years to counter international tax avoidance and evasion. The Global Forum currently includes over 160 members on an equal footing, a list of whom can be found on the Global Forum website (link)

The Global Forum Secretariat is based in the OECD’s Centre for Tax Policy and Administration (CTPA) which is the focal point for the OECD’s work on all taxation issues, both international and domestic.

The Global Forum’s primary focus is to oversee the implementation of the standards. The main part of the Global Forum’s work is to prepare peer review reports which assess a jurisdictions’ legal framework for exchange of information as well its practices. The Global Forum peer review work includes monitoring and reviewing jurisdictions’ implementation of the new international standard on Automatic Exchange of Information (AEOI). This includes reviewing and preparing reports on member tax administrations’ Information Security Management (ISM) arrangements and their safeguarding of data exchanged under international EOI agreements to seek to ensure that these are aligned with internationally recognised information security standards. The Global Forum also provides capacity building services and technical assistance to member jurisdictions, particularly developing country tax administrations, to help them implement the standards in the area of ISM in order to participate and benefit from AEOI and the new environment of tax transparency and EOI.

The Global Forum is looking for an Information Security Management (ISM) expert, who will work with jurisdictions participating in AEOI as part of their preparation and participation in a peer review with respect to ISM issues. S/he will report to the Global Forum’s Head of Unit for Technical Assistance.

Main Responsibilities

ISM peer reviews and technical assistance

  • Participate in assessments of ISM arrangements for member jurisdictions, including onsite visits, in conjunction with a team of ISM experts and provide technical input into the report of findings.
  • Review and provide technical input on ISM-related information and materials provided by members’ tax administrations.
  • Working with other ISM experts, develop assessment principles across the various ISM assessment topics, especially IT security.
  • Prepare or compile model ISM-related policies, procedures and other materials destined for jurisdictions receiving technical assistance.
  • Develop knowledge-building tools (toolkits, e-learning, etc.) and training courses on ISM-related topics.
  • Advise and coach member-jurisdictions on ISM-related issues and prepare responses in relation to members’ ISM-related technical queries.
  • Advise the Secretariat on the development and application of its processes for dealing with data breaches.
  • Provide tactical advice on incident management and support for the Global Forum’s breaches plan, as outlined in the AEOI framework.
  • Develop guidance and advice for member tax administrations on ISM aspects for the procurement and implementation of IT solutions for international EOI, including AEOI.
  • Develop and maintain effective processes for peer reviews and technical assistance
  • Develop and enhance the Secretariat’s internal work methods, tools, and processes to support the peer review work and technical assistance projects of the Global Forum Secretariat in the area of ISM.
  • Test and improve the effectiveness of the Global Forum’s ISM peer reviews and technical assistance programme on an ongoing basis.
  • Support the Secretariat’s policy proposals and discussions in the Global Forum meetings to refine peer review rules and processes on ISM aspects.
  • Monitor relevant international developments related to ISM and IT security and advise the Secretariat accordingly.

Ideal Candidate Profile

Academic Background

  • An advanced university degree in computing, information security management, or a related field.

Professional Background

  • A minimum of three, preferably five years of experience, in private and/or public sector organisations, in information security management, ICT and Cyber Security Management or ICT, Software and Security Architecture, Project Management and Systems Engineering capabilities.
  • Familiarity with the principles and practice of ISM, including relevant international standards such as the ISO/IEC 27000-series.
  • Comprehensive knowledge of the standards which govern the security of ICT systems within organisations.
  • Competence in Cyber Security and the application of Cyber security measures, including: Standard Operating System Baseline controls; Domain Controller, Web and Database Server Controls, Network Infrastructure, Audit and Logging Infrastructure, Gateway Infrastructure and Firewalls.
  • Knowledge of governance issues; information security management policies; institutional risk management; vulnerability management; physical and logical access management; data lifecycle management; logging, monitoring and audit; security incident and data breach management; internal/external audit.
  • Experience initiating discussions and advising various action plans and outcomes with government and tax administration officials and fellow information security professionals.
  • Professional experience working with or within a tax administration would be highly advantageous, e.g. in a role such as information security officer, IT security consultant, or IT security architect would be an advantage but is not essential.

Languages

  • Fluency in one of the two OECD official languages (English and French) and knowledge of the other, with a commitment to reach a good working level.
  • Working knowledge of French would be highly advantageous.

Core Competencies

  • For this role, the following competencies would be particularly important: Achievement focus, Analytical thinking, Drafting skills, Flexible thinking, Managing resources, Teamwork, Client focus, Diplomatic sensitivity, Negotiating, Organisational knowledge.
  • Please refer to the level 3 indicators of the OECD Core Competencies.

Contract Duration

  • Two year fixed term appointment (with the possibility of renewal).

What the OECD offers

  • Depending on level of experience, monthly salary starts at either 6,197 EUR or 7,647 EUR, and allowances based on eligibility, exempt of French income tax.
  • Click here to learn more about what we offer and why the OECD is a great place to work.
  • Click here to browse our People Management Guidebook and learn more about all aspects relating to people at the OECD, our workplace environment and many other policies supporting staff in their daily life.

Please note that the appointment may be made at a lower grade based on the qualifications and professional experience of the selected applicant.

The OECD is an equal opportunity employer and welcomes the applications of all qualified candidates who are nationals of member countries and jurisdictions of the Global Forum, irrespective of their racial or ethnic origin, opinions or beliefs, gender, sexual orientation, health or disabilities.

The OECD promotes an optimal use of resources in order to improve its efficiency and effectiveness. Staff members are encouraged to actively contribute to this goal.

Tags: architect, building services, cyber security, information security, procurement, project management, public sector, risk management, security management, security officer, systems engineering, tax administration, tax avoidance, transparency