BACKGROUND INFORMATION

As part of multi-country National Computer Incident Response Team (CIRT) implementation projects coordinated by the ITU, this roster will provide on-demand expertise to strengthen national cybersecurity incident response capabilities across various countries.

The Senior CIRT Governance and Policy Consultant will focus on establishing robust cybersecurity governance structures by developing national CIRT policies, standard operating procedures (SOPs), and related documentation in line with the ITU’s CIRT Framework.

TERMS OF REFERENCE

Under the guidance of the ITU Project Manager and in collaboration with the ITU Senior Cybersecurity Coordinator, the Consultant will contribute to the following activities for each country assignment:

• Policy and Governance Review: Review the existing national CIRT mandate, institutional positioning, mission, vision, legal basis, and relevant policy and governance documentation, including human resources policies and organizational models, to establish a comprehensive baseline.
• Gap Analysis: Conduct a structured gap analysis aligned with the SIM3 maturity model and relevant FIRST-endorsed good practices and guidance, covering governance, policies, organizational structure, human resources, operational processes, and physical and environmental security, to identify gaps and priority areas for improvement.
• Governance and Organizational Framework Development: Develop a comprehensive national CIRT policy and governance framework aligned with the ITU CIRT Framework, relevant FIRST-endorsed good practices and guidance, and the SIM3 model, defining the CIRT mandate, scope of services, stakeholders and constituency, organizational structure, staffing models and roles, human resource requirements and competencies, decision-making and escalation mechanisms, and inter-agency coordination arrangements.
• Critical Information Infrastructure Protection (CIIP) Policy Alignment: Support the development or harmonization of policies, roles, and coordination frameworks related to CIIP, clarifying the CIRT’s role in national CIIP governance, incident coordination, and information-sharing mechanisms.
• Standard Operating Procedures, Guidelines, and Checklists: Develop and structure a comprehensive set of practical Standard Operating Procedures, operational guidelines, and checklists covering core CIRT functions, including incident management, escalation, coordination, information sharing, reporting, HR-related processes, access control, premises security, and business continuity management.
• Stakeholder Validation: Plan and facilitate validation workshops or working sessions with CIRT staff and relevant national stakeholders to review, refine, and reach consensus on the governance framework, SOPs, and associated policies and procedures.
• Sustainability and Knowledge Transfer: Develop a sustainability, capacity-building, and knowledge-transfer approach to support the long-term institutionalization, maintenance, and continuous improvement of CIRT governance frameworks, policies, SOPs, procedures, and documentation.

CONCRETE DELIVERABLES

• National CIRT Policy and Governance Framework: Submission of a consolidated document outlining the mandate, governance aspects, and institutional setup of the national CIRT.
• CIRT Gap Analysis Report: Delivery of a  high-level assessment identifying key gaps and priority areas for strengthening national CIRT policy, governance, and operational readiness.
• CIRT Standard Operating Procedures, Policies, and Guidelines: Submission of a consolidated set of approved SOPs, policies, procedures, and checklists supporting the consistent and effective functioning of the national CIRT.

COMPETENCIES

• Good technical and analytical problem-solving skills including demonstrated ability to understand and analyse project priorities.
• Experience in conducting monitoring and evaluation for project implementation.
• Effective communication and writing skills in English with strong drafting and documentation skills to produce high-quality policy and procedural documents.
• Ability to work independently and as part of a team, maintaining efficient working relationships, while demonstrating sensitivity to ITU's multi-cultural, multi-ethnic environment and respect for diversity.
• Strong understanding of ITU’s CIRT framework and SIM3 maturity model.
• Excellent analytical skills.

QUALIFICATIONS REQUIRED

Education:

Advanced university degree in cybersecurity, information security policy, computer science, public policy, or a related field OR education from a reputed college of advanced education, with a diploma of equivalent standard to that of an advanced university degree in one of the fields above.
Recognized professional certifications such as CISSP, CISM, CISA, ISO/IEC 27001 Lead Implementer or equivalent would be an asset.

Experience:

At least seven (7) years of professional experience in cybersecurity policy development, national CSIRT/CIRT establishment, governance, or related cybersecurity strategy roles, including at least three (3) at the international level. 
A Doctorate in a related field can be considered as a substitute for three years of working experience.

Languages:

Knowledge of English is at advanced level. Knowledge of another official language of the Union (Arabic, Chinese, French, Russian, Spanish) would be an advantage.

REMUNERATION INFORMATION

Between USD 280 and USD 450 per working day to be defined according to the work experience of the consultant.