SCOPE OF WORK
The RCO provides support to the Program Integrity Unit (PIU) and works closely with PIU Supervisor for ensuring that anti-fraud and malfeasance prevention measures, and internal information security management system (ISMS) requirements are implemented by staff and senior management. RCO also supports the PIU team in reviewing the operations and systems to identify any vulnerabilities and to develop mitigation strategies. The RCO position plays a key role in the recording and reporting of statistics and detailed information regarding program integrity and data protection.
In addition to performing any duties and responsibilities assigned by the Risk and Compliance Coordinator (in their absence, by the Head of Program Integrity), RCO’s main activities are as follows:
- Checking, reviewing, and updating anti-fraud messaging, posters and signage posted around RSC offices, the Refugee Information Website, and other locations on a quarterly basis.
- Acting as the Designated Complaints Officer responsible for collecting, recording, handling, and reporting on complaints related to fraud/malfeasance and serious breach of core policies.
- Recording and reporting on poison pen letters.
- Preparing memos on fraudulent websites/social media accounts.
- Preparing quarterly Fraud Trends Reports, and participating to Fraud Trends meetings organized by the Regional Refugee Coordinator
- Providing counseling and guidance to staff/interpreters regarding unsolicited contact
- Responding to and coordinating on requests for door access right changes in coordination with the requesting unit, their senior manager and IS Department
- Responding to and coordinating on requests for VPN access in coordination with the requesting unit and senior management
- Managing the FRM.ISMS.009 and coordinating the access right approvals for onboarding, offboarding and transition of employees in coordination with HR, CSOC, ADM in both offices
- Preparing weekly Splunk reports for PIU’s internal review
- Preparing monthly and quarterly IS Audit Reports for submitting to the senior management and/or supervisors
- Responding to and coordinating on requests on new File Server folders in coordination with the requesting unit and IS Department
- Handling information security events/incidents in line with SOP.ISMS.005, in coordination with IS Department and senior management
- Conducting regular START Knowledge checks for possible updates on PRM ICG and START RoB
- Supporting the PIU SV for organizing semi-annual Fraud & Ethics Committee meetings and review/update rounds for the Staff Fraud Risk Assessment
The RCO also supports the following PIU activities:
- Taking active part in PIU’s quarterly review and annual update of the USRAP Integrity & Compliance Guide Matrix before submission to PRM
- Taking active role in the organization’s efforts for NIST compliance, as an ISMS Panel member
- Supporting all staff, contractors, units, and departments for ensuring compliance with PRM, ICMC HQ and NIST requirements
- Responding to inquiries from staff/interpreters regarding the implementation of the Donations Policy and keeping Donations Policy records up to date.
- Taking active role in design & delivery of PIU trainings such as the “Anti-Fraud & Program Integrity" and "Documented Information"
- Handling data breaches (particularly USRAP data breaches) in coordination with IS Department, with a focus on USRAP data breaches.
- Suggesting, preparing, translating, and sharing Program Integrity Reminders with staff and interpreters
- Suggesting, preparing, translating informative posters, program integrity reminders, handbooks and similar material for responding to gaps identified in staff/interpreters/refugee applicants’ knowledge on program integrity.
- University degree in a related discipline (Social Sciences, Law, NGO Management, Project Management, Public Administration, Business Administration, etc.)
- Minimum 1 year of experience in the field of NGOs dealing with migration and/or refugees.
- Excellent written and verbal communication skills in English and Farsi.
- Demonstrated ability of translating between English and Farsi verbally and in writing.
- Excellent command of MS Office applications.
- Good understanding of concepts such as confidentiality, integrity, transparency, data privacy, compliance practices, and information security.
- Demonstrated ability of designing and providing effective training.
- Experience and knowledge of USRAP is a plus.
- Experience in writing, adapting, and implementing procedures and standards is a plus.
- Experience and knowledge on conducting risk analysis is a plus.
- Experience in conducting internal audits and preparing reports is a plus.
- Knowledge of ICMC’s anti-fraud measures and familiarity with program integrity and legal requirements is a plus.
- Experience of conducting workplace investigations is a plus.
HOW TO APPLY
Interested candidates should submit their applications to: firstname.lastname@example.org.
The Vacancy Notice number TU-IST-23-PIU-02 and the applicant’s full name must be quoted in the email subject line.
Referees may be contacted prior to the interviewing stage. The closing date for receipt of applications is 15th December 2023.
Applications will be evaluated upon reception and interviews with shortlisted candidates may be conducted before the closing date. Referees may be contacted prior to the interviewing stage.
Owing to the volume of applications, ICMC regrets that only applicants short-listed for an interview will be notified.
Please note that applications received after the deadline will not be accepted.
ICMC is committed to a Zero-Tolerance Policy toward sexual exploitation, abuses and all forms of unlawful harassment, including but not limited to sexual harassment. Screening of applications includes the vetting for records of prior misconduct and reference checking. ICMC may take other necessary measures to ensure that people involved in substantiated cases of sexual exploitation, abuse and harassment will not be recruited.
ICMC is committed to equal employment opportunities for all applicants. ICMC does not discriminate on the basis of race, gender, color, national origin, religion, physical or mental ability, marital status and age
By submitting your application, you agree that ICMC collects and processes the information you provide. Your personal information will only be used for recruitment purposes. Your application will be kept strictly confidential. In any case, your personal information will be stored until the end of the application process and then destroyed in accordance with the relevant legislation if we do not have the opportunity to offer you a position.
If you have sent your personal information to us, we would like to indicate that you have the following rights.
- Learning whether personal data is processed,
- Requesting information if it has been processed, learning the purpose of processing personal data and whether they are used appropriately for their purpose,
- To know the third parties to whom personal data are transferred domestically or abroad,
- To request correction of personal data in case of incomplete or incorrect processing,
- Requesting the deletion or destruction of personal data,
- Request notification of the processes regarding the correction, deletion or destruction of personal data to third parties to whom personal data have been transferred,
- Object to the occurrence of a result against the person himself by analyzing the processed data exclusively through automated systems,
- To request compensation of the damage in case of damage due to the illegal processing of personal data.
Application Address for all ICMC Positions: email@example.com