Overview
This roster will provide on-demand expertise to strengthen national cybersecurity incident response capabilities by focusing on establishing robust cybersecurity governance structures through the development of national CIRT policies and standard operating procedures.
Key Responsibilities
- Review existing national CIRT mandate, institutional positioning, mission, vision, legal basis, and relevant policy and governance documentation.
- Conduct a structured gap analysis aligned with the SIM3 maturity model and relevant FIRST-endorsed good practices and guidance.
- Develop a comprehensive national CIRT policy and governance framework.
- Support the development or harmonization of policies, roles, and coordination frameworks related to Critical Information Infrastructure Protection (CIIP).
- Develop and structure a comprehensive set of practical Standard Operating Procedures, operational guidelines, and checklists.
- Plan and facilitate validation workshops or working sessions with CIRT staff and relevant national stakeholders.
- Develop a sustainability, capacity-building, and knowledge-transfer approach.
Required Experience
- At least seven (7) years of professional experience in cybersecurity policy development, national CSIRT/CIRT establishment, governance, or related cybersecurity strategy roles.
- Including at least three (3) at the international level.
- A Doctorate in a related field can be considered as a substitute for three years of working experience.
Qualifications
• Advanced university degree in cybersecurity, information security policy, computer science, public policy, or a related field OR education from a reputed college of advanced education, with a diploma of equivalent standard to that of an advanced university degree in one of the fields above.
