Information and Communications Technology (ICT) Officer (Digital Workplace Engineer) (P)

Job Identification (Reference Number): 16003
Position Title: Information and Communications Technology (ICT) Officer (Digital Workplace Engineer) (P)
Duty Station City: Valencia
Duty Station Country: Spain
Grade: UG
Contract Type: Special Short term ungraded (Up to 9 months)
Recruiting Type: Professional
Vacancy Type: Call for Applications
Initial duration: 9 months
Closing date: 7 August 2025

Introduction

Established in 1951, IOM is a Related Organization of the United Nations, and as the leading UN agency in the field of migration, works closely with governmental, intergovernmental and non-governmental partners. IOM is dedicated to promoting humane and orderly migration for the benefit of all. It does so by providing services and advice to governments and migrants.

IOM is committed to ensuring a workplace where all employees can thrive professionally, while working towards harnessing the full potential of migration. Read more about IOM's workplace culture at IOM workplace culture | International Organization for Migration

Internal and external candidates will be considered for this vacancy. For the purposes of this vacancy, internal candidates are defined as staff members holding a regular, fixed-term or short-term graded or ungraded contract, including Junior Professional Officers (JPOs), staff on Special Leave Without Pay (SLWOP), and staff members on secondment/loan released by the Organization, unless otherwise specified in their contract. Staff members holding a regular, fixed-term or short-term graded contract will not retain their contract type if appointed to an ungraded position.

Context

The ICT Officer (Digital Workspace Engineer) will lead own and evolve IOM’s digital workspaces, the ICT Officer (Digital Workspace Engineer) will be the technical architect and operational lead for the modern end-user experience across a global, hybrid organisation. This role isn’t just about keeping devices running it’s about enabling secure, seamless digital workspaces that scale with our growth and empower our people to work from any device from anywhere in the world.

The ICT Officer (Digital Workplace Engineer) will take ownership of the endpoint ecosystem, including Windows, macOS, and other operating systems as may become applicable, and guide the evolution of imaging, lifecycle management, secure access, and collaboration tools. Understanding of automation tasks such as Autopilot provisioning and conditional access with automated remediation while maintain a robust patching regime are keyt success factors for the role. s to secure BYOD and Windows 365 virtual desktops, you’ll be enabling the next generation of digital work.

This position also includes strategic responsibility for enabling secure cloud printing solutions, and managing endpoint integration with Azure Files for seamless, permissioned access to organizational data from any device. As the end-point architect the role will be responsible for the rolling out of IOM’s Mobile Device Management, Mobile Application Management and Bring Your Own Device initiatives as part of our NIST 800-53 implementation.

Under the overall supervision of the Chief Technology Officer and the direct supervision of Senior ICT Officer (Infrastructure Security Engineer), the ICT Officer (Digital Workspace Engineer) will be responsible for the cloud infrastructure operations.

ENDPOINT STRATEGY & ENGINEERING

• Define and implement the device provisioning roadmap, leveraging:
  • Microsoft Windows Autopilot for zero-touch deployment
  • MacOS Enrollment via Intune and Apple Business Manager
• Integrate and operationalize Windows 365 for mobile and remote users.
• Standardize device build processes across platforms using cloud-first tooling.

DEVICE & PLATFORM MANAGEMENT

• Manage cross-platform endpoint estates: Microsoft, MacOS, and future capability on Android and/or Linux.
• Configure and administer Microsoft Intune / Endpoint Manager:
  • Deploy software, enforce policy, monitor compliance.
  • Manage Mobile Device Management and Mobile Application Management for both corporate and Bring Your Own Device endpoints.
• Lead the device lifecycle strategy, from onboarding to decommissioning and disposal readiness.
• Manage and support secure cloud print infrastructure using tools such as:
  • Universal Print (Microsoft)
  • Papercut MF or Mobility Print or other enablement tools
  • Secure print release and role-based access controls
• Maintain endpoint access to Azure Files and other repositories:
  • Configure mapped drives, enforce Azure Role Based Access Control, and enable secure cross-platform file access.

SECURITY, PATCHING & COMPLIANCE

• Enforce comprehensive patch management for all platforms.
• Integrate with Microsoft Defender for Endpoint, conditional access, and Zero Trust models.
• Create and implement endpoint protection and compliance policies aligned to the organisation’s adopted standard NIST 800:53.
• Support secure storage access via Azure Files, enforcing encryption, share access controls, and identity-based authentication.

MOBILITY & VIRTUAL WORKSPACES

• Own strategy and operations for Windows 365, provisioning virtual PCs for remote or contractor access.
• Enable secure, location-independent digital access for all roles.
• Evaluate and optimize virtual desktop experiences and mobile-first productivity models.

REPORTING & OPTIMISATION

• Track device health, performance, and usage via Endpoint Analytics and Intune reports.
• Drive continual service improvement based on data, user feedback, and ITSM metrics.
• Recommend and implement automation for imaging, onboarding, and compliance workflows.

CROSS-TEAM COLLABORATION

• Collaborate with the enterprise architect, Information Security team, Cloud Services, regional ICT officers, and Application teams to create a seamless digital workplace.
• Act as the subject matter expert for all endpoint and end-user compute technologies.

ADDITIONAL RESPONSIBILITIES 

• Provide input for endpoint license entitlements and ensure correct integration with FinOps and licensing portals where required.
• Perform such other duties as may be assigned.

Education

• Master’s degree in Cybersecurity, Computer Engineering, Computer Science, or a related field from an accredited academic institution with five years of relevant professional experience; or,
• University degree in the above fields with seven years of relevant professional experience.
• The following certifications are required:
  • Microsoft Certified: Mordern Desktop Administrator Associate
  • Microsoft Certified: Azure Fundamentals
  • Microsoft Certified: Office 365 Fundementals
  • Must attain and maintain Information Technology Infrastructure Library (ITIL) version 4 Foundation certification.
• Microsoft Azure Solutions Architect certification is an advantage.
• Apple Certified Support Professional (ACSP) is a desirable advantage.

Accredited Universities are those listed in the UNESCO World Higher Education Database.

Experience

• A minimum of 5 years of experience in the design and implementation of Digital Workplace;
• A minimum of 2 years deploying and managing automation technologies such as Windows CoPilot;
• Excellent and hands-on experience with Microsoft Azure services especially Azure AD, Intune and Defender for cloud;
• Excellent and hands-on experience in supportingMicrosoft Windows 10 and 11;
• Excellent PowerShell and Bash scripting ability; 
• Excellent and hands-on experience with patch management strategies including third party app patching; and,
• Understanding of Software as a Service (SaaS) architectures and ability to integrate these into the digital workplace.

Skills

• Demonstrated ability in setting up Microsoft Intune for endpoint management and compliance;
• Knowledge of remote provisioning (Microsoft autopilot and Apple Business Manger) and hybrid joint strategies;
• Knowledge of Cloud Platforms, specifically Azure and Azure Files and the enforcement of role based access control;
• Demonstrated ability in device compliance frameworks such as Conditional Access and Zero Trust;
• Demonstrated ability and experience in developing endpoint strategy across multiple geographies and platforms;
• Security: Proficiency in creating policies and standards for endpoint management integrating IAM, Virtual Private Network (VPN), Virtual Private Cloud (VPC), encryption standards;
• Deep understanding in of secure print management through cloud printing technologies such as Universal Print, Papercut etc.;
• Demonstrated ability to balance user experience with security and compliance;
• Project management skills for efficient roll-out of ICT initiatives;
• Demonstrated ability to handle confidential data in a professional, responsible and mature manner; and,
• Familiarity with global IT security trends and the ability to adapt NIST standards to evolving security threats and technologies.

Languages

IOM’s official languages are English, French, and Spanish. All staff members are required to be fluent in one of the three languages.

For this position, fluency in English is required (oral and written). Working knowledge of an official UN language (Arabic, Chinese, French, Russian, and Spanish) is an advantage.

Proficiency of language(s) required will be specifically evaluated during the selection process, which may include written and/or oral assessments.

Required Competencies

IOM’s competency framework can be found at this link. Competencies will be assessed during the selection process.

Values - all IOM staff members must abide by and demonstrate these five values:

• Inclusion and respect for diversity: Respects and promotes individual and cultural differences. Encourages diversity and inclusion.
• Integrity and transparency: Maintains high ethical standards and acts in a manner consistent with organizational principles/rules and standards of conduct.
• Professionalism: Demonstrates ability to work in a composed, competent and committed manner and exercises careful judgment in meeting day-to-day challenges.
• Courage: Demonstrates willingness to take a stand on issues of importance.
• Empathy: Shows compassion for others, makes people feel safe, respected and fairly treated.

Core Competencies – behavioural indicators 

• Teamwork: Develops and promotes effective collaboration within and across units to achieve shared goals and optimize results.
• Delivering results: Produces and delivers quality results in a service-oriented and timely manner. Is action oriented and committed to achieving agreed outcomes.
• Managing and sharing knowledge: Continuously seeks to learn, share knowledge and innovate.
• Accountability: Takes ownership for achieving the Organization’s priorities and assumes responsibility for own actions and delegated work.
• Communication: Encourages and contributes to clear and open communication. Explains complex matters in an informative, inspiring and motivational way.

Notes

Internationally recruited professional staff are required to be mobile.

Any offer made to the candidate in relation to this vacancy notice is subject to funding confirmation.

For this staff category, candidates who are nationals of the duty station's country cannot be considered eligible.

Appointment will be subject to certification that the candidate is medically fit for appointment, accreditation, any residency or visa requirements, security clearances.

Vacancies close at 23:59 local time Geneva, Switzerland on the respective closing date. No late applications will be accepted.

IOM has a zero-tolerance policy on conduct that is incompatible with the aims and objectives of the United Nations and IOM, including sexual exploitation and abuse, sexual harassment, abuse of authority and discrimination based on gender, nationality, age, race, sexual orientation, religious or ethnic background or disabilities.

IOM does not charge a fee at any stage of its recruitment process (application, interview, processing, training or other fee). IOM does not request any information related to bank accounts.

IOM only accepts duly completed applications submitted through the IOM e-Recruitment system (for internal candidates link here). The online tool also allows candidates to track the status of their application.

Only shortlisted candidates will be contacted.

For further information and other job postings, you are welcome to visit our website: IOM Careers and Job Vacancies