USAID Cybersecurity for Critical Infrastructure in Ukraine Activity, implemented by DAI Global LLC, is looking for a National Preparedness Coordinator.
- Activity Background:
The purpose of the United Agency for International Development (USAID) Cybersecurity for Critical Infrastructure in Ukraine Activity (“the Activity”) is to strengthen the resilience of Ukraine’s critical infrastructure from cyberattacks by establishing trusted collaboration between key cybersecurity stakeholders in the government, private sector, academia, and civil society. The activity aims to achieve this goal by implementing the following activity components:
Component 1: Strengthening the cybersecurity enabling environment
The legal, regulatory, and institutional framework for national cybersecurity in Ukraine needs to be strengthened and aligned with international standards and best practices. This component will strengthen the cybersecurity resilience of Ukraine’s critical infrastructure (CI) sectors by addressing legislative gaps, promoting good governance, enabling collaboration between stakeholders, and supporting cybersecurity institutions. This component will also build the technical capacity of key sectors through increased access to cybersecurity technology and equipment.
Component 2: Developing Ukraine’s cybersecurity workforce
Ukraine suffers from a severe shortage of cybersecurity professionals. This component of the USAID Cybersecurity for Critical Infrastructure in Ukraine Activity will address workforce gaps through activities that develop new cybersecurity talent and build the capacity of existing talent. These activities will address the entire workforce pipeline, the quality of education received by cybersecurity specialists, and industry training programs to rapidly upskill Ukraine’s workforce to respond to immediate cybersecurity vulnerabilities.
Component 3: Building a resilient cybersecurity industry
A growing cybersecurity industry in Ukraine will contribute directly to national security and prosperity. This component will seek to build trust and collaboration between the public and private sector to develop innovative solutions for future cybersecurity challenges; spur investment and growth in the broader cybersecurity market in Ukraine through greater access to financing; support smaller cybersecurity companies to rapidly increase the number of local cybersecurity service providers; and offer mechanisms for Ukrainian firms to connect with industry partners to enable better access to innovations and business opportunities.
Under component 1, the Activity assessed Ukraine’s national preparedness to respond to a cybersecurity incident impacting CI sectors (preparedness is defined here as “a framework for preparing for and responding to cybersecurity risks and incidents, in accordance with applicable law”). Based on the findings of this assessment, the Activity developed a detailed plan (the Cybersecurity Incident Preparedness Assessment and Program Plan) for increasing preparedness.
- Role’s Purpose:
Under the supervision of the Component 1 Enabling Environment Lead, the National Preparedness Coordinator will be responsible for coordinating and supporting the implementation of activities outlined in the Cybersecurity Incident Preparedness Assessment and Program Plan. This individual will lead coordination with implementing partners (IPs) and engage relevant stakeholders (i.e. CI operators, the Government of Ukraine (GOU), other donors) in national preparedness efforts supported by the Activity. The individual will be responsible for monitoring performance against the Monitoring, Evaluation, and Learning Plan (MELP) targets and supporting the successful completion of activities.
- Gain an in-depth understanding of activities currently underway and planned under the Cybersecurity Incident Preparedness Assessment and Program Plan
- Plan, coordinate, oversee, and manage the day-to-day required to implement the following preparedness activities:
— Critical Infrastructure Cybersecurity Incident Preparedness Assessment (CICIPA) — phased assessment of up to 30 selected CI operators
— Cybersecurity Maturity Model (CMM) — self-assessment tool for CI entities to evaluate their level of preparedness and track improvements
— Threat Intelligence Sharing Mechanism (TISM) — An information network and set of technical protocols to improve communication and collaboration between CI stakeholders (public and private sectors)
— Tabletop exercises — Organized, large-scale exercises to test and reinforce incident response procedures, promote information sharing between CI stakeholders, identify gaps, and improve response and recovery times
- Develop, maintain, and update implementation plan for carrying out preparedness activities and initiatives
- Assess/determine resources required for implementing preparedness activities and initiatives. Draft scopes of work and assist in securing those resources
- Work closely with the designated IPs to ensure successful delivery of specific preparedness activities and initiatives
- Hold regular (preferably weekly) management/check-in meetings with IPs as well as consultants and contractors involved in/contributing to the implementation of preparedness activities and initiatives
- Provide Enabling Environment Lead, Chief of Party (COP), and Deputy Chief of Party (DCOP) with updates on each activity’s progress on a weekly/monthly basis, as requested
- Coordinate working groups and other stakeholder discussions in support of preparedness activities and initiatives
- Prepare and/or review progress reports and presentations for key stakeholders including recipients/beneficiaries
Critical Infrastructure Cybersecurity Incident Preparedness Assessment (CICIPA)
- Review, vet, and, as needed, update list of CI operators identified as potential audit recipients
- Assist with developing scopes of work and identifying individuals or firms to carry out audits
- Assist in preparing CI operators selected for audit (hold planning meetings, confirm timeline, establish points of contact, present Activity indicated, develop and sign memoranda of understanding, non-disclosure agreements, etc.)
- Ensure all relevant CI operator representatives receive regular updates on status and progress of audits
- Assist with reporting, in line with NDAs and in order to meet Activity MELP reporting requirements
Cybersecurity Maturity Model (CMM)
- Monitor and coordinate development of a cross-sector CMM in collaboration with sectoral regulators like National Energy and Utilities Regulatory Commission of Ukraine (NEURC)
- (i.e. establish necessary working groups, presents drafts to stakeholders, collect inputs)
- Work closely with authorities, including NEURC and State Service of Special Communication and Information Protection of Ukraine (SSSCIP) to ensure the institutionalization of the CMM approach according to industry best practices
- Oversee pilot of TISM, including set-up of threat intelligence platform for each recipient CI operator and GOU entity
- Monitor TISM and Threat Intelligence Platform (TIP) roll out
- Through TISM working group, capture lessons learned on use of the TIP
- Support update to TISM model based on results of pilot and work/coordinate with stakeholders to expand TISM
TTX (and larger National Cybersecurity Preparedness Forum)
- Lead coordination/organization of Forum, including working with Activity staff, IPs, consultants, and vendors to:
— Develop detailed agenda for each Forum event (i.e. conference, workshops, TTX)
— Identify/invite/confirm participants, in coordination with GOU and other stakeholders, as appropriate, for each Forum event
- Monitor development of TTX scenarios, schedule meetings with relevant stakeholders to ensure inputs are provided
- Schedule meetings with appropriate stakeholders for providing updates on various aspects of Forum (confirmed speakers/panelists, workshops offered, high-level logistical info, etc.) and ensure support/buy-in
- Coordinate with communications team and provide content needed to promote event
- Work closely with vendors (i.e. event management company, workshop providers, etc.) to ensure events roll out smoothly
- Ensure analysis and reporting from the Forum and TTX are made available to stakeholders
- Q ualifications and Experiences
- Master or higher educational degree in public administration, international relations, or related field;
- At least 3 years of experience working with GOU stakeholders
- Between 3-5 years of program management experience
- Experience in organizing international conferences, training and research with international partners
- Solid communications skills, including written and editing skills
- Familiarity with technical platforms used in threat intelligence sharing, as well as scenarios for tabletop exercises preferred
Qualified candidates should send their CV and cover letter in English to [email protected]. Only short-listed candidates will receive notice requesting additional information.