CI Resilience and Vulnerability Assessment Manage

ВАКАНСІЯ: CI Resilience and Vulnerability Assessment Manager  for U.S. Cybersecurity for Critical Infrastructure in Ukraine (CCI) Activity

BACKGROUND:

The U.S. Cybersecurity for Critical Infrastructure in Ukraine (CCI) Activity began in May 2020. The purpose of the CCI Activity is to reduce, and ultimately eliminate, cybersecurity vulnerabilities in Ukraine’s critical infrastructure sectors. In the same way that cyberattacks drove Estonia to innovate cybersecurity practices, systems, and entrepreneurship as the backbone of its digital transformation. 

The CCI Activity continues to improve the cyber-resilience of Ukraine and its critical infrastructure sectors through three interlinked, mutually reinforcing objective areas that address legal, policy, institutional, workforce, and market gaps to strengthen long-term national resilience.

Building on progress achieved from 2020 to 2026, and under the Department of State, the Activity will continue implementation of these objectives while aligning them with U.S. foreign-policy priorities for trusted technology, supply-chain security, and transatlantic digital integration.

Objective 1: Create a safe, trusted environment to accelerate the development of people, processes, and technology to support cybersecurity across CI sectors and assets in Ukraine.

Objective 2: Strengthen Ukraine as a sovereign nation built on a secure, protected, and dynamic economy, supported by a talented pool of human capital.

Objective 3: Stimulate demand for and supply of Ukrainian cybersecurity solutions and service providers to empower, equip, and finance cybersecurity entrepreneurs and businesses

The CCI Activity consists of three complementary, mutually reinforcing, and integrated components:

Component 1: Strengthen the Cybersecurity Enabling Environment

This component enhances Ukraine’s ability to protect and modernize its civilian digital infrastructure by embedding U.S. and allied cybersecurity standards into the governance, architecture, and operational systems of critical infrastructure (CI). It prioritizes the divestment of high-risk digital assets and the adoption of secure-by-design technologies that advance trusted supply chains, secure communications, and resilient public services in line with U.S. strategic and commercial interests.

Component 2: Develop Ukraine’s Cybersecurity Workforce

This component builds the institutional and technical foundation for a civilian cyber workforce capable of securing Ukraine’s critical infrastructure during wartime and sustaining digital resilience throughout long-term recovery. It anchors that workforce in U.S.-backed standards, trusted technology principles, and interoperable training models aligned with allied strategic frameworks. All workforce development activities under this component shall be focused on applied operational capability and demonstrable use of skills, rather than academic, theoretical, or strategy-only training outcomes.

Component 3: Build a Resilient Cybersecurity Industry

This component strengthens Ukraine’s domestic cybersecurity and dual-use technology sector as a frontline contributor to national resilience and a trusted partner in U.S. and allied digital ecosystems. It aims to reduce Ukraine’s reliance on high-risk and adversary-origin platforms, and position select Ukrainian firms as interoperable contributors within U.S. and allied technology supply chains where this serves U.S. strategic, security, and commercial interests.

The secured digital infrastructure of the Operators of Critical Infrastructures (OCIs), including government agencies, is a crucial component of the CCI Activity’s efforts to bolster Ukraine’s cyber resilience. Maintaining the functionality of this infrastructure and protecting it from cyberattacks is essential for the uninterrupted delivery of public services and the core services of the OCIs.

The CCI Activity is seeking a CI Resilience and Vulnerability Assessment Manager is responsible for leading and coordinating technical interventions that strengthen the cyber resilience of Ukrainian critical-infrastructure operators

1. Role’s Purpose:     

The CI Resilience and Vulnerability Assessment Manager is responsible for leading and coordinating technical interventions that strengthen the cyber resilience of Ukrainian critical-infrastructure operators through telemetry-driven digital-twin capabilities and recurring vulnerability assessment and penetration-testing programs. The role ensures that supported activities result in operational, telemetry-enabled resilience capabilities and measurable improvements in security posture on live or representative systems, rather than conceptual demonstrations or advisory outputs only. In addition to the core digital-twin and vulnerability-assessment workstreams, the role provides surge capacity for urgent, ad-hoc resilience testing, risk assessment, and remediation-support tasks assigned by CCI Activity leadership in response to emerging threats or sectoral priorities.

The CI Resilience and Vulnerability Assessment Manager will be responsible for providing all the monitoring performance reports against the Monitoring, Evaluation, and Learning Plan (MELP) targets and supporting the successful completion of activities.

1. Task / Responsibilities:

• Lead end-to-end deployment of a telemetry-driven digital-twin infrastructure for designated critical-infrastructure sectors, ensuring integration of live or near–real time telemetry and operational application in resilience testing scenarios.
• Coordinate configuration of telemetry pipelines and trusted technology components in cooperation with designated Government of Ukraine institutions, ensuring alignment with approved architectures and security protocols.
• Ensure that digital-twin capabilities are activated in at least one priority CI sector and demonstrably used to analyse system behaviour, validate defensive configurations, or evaluate responses under simulated stress conditions without affecting live operations.
• Lead implementation of a recurring vulnerability-assessment and penetration-testing program building on CICIPA and NIST-aligned methodologies, targeting high-risk systems identified through structured assessment processes.
• Oversee execution of focused penetration-testing cycles on approved live or representative systems and ensure documented identification of vulnerabilities and recommended remediation actions.
• Support and document remediation efforts undertaken by operators within defined remediation windows, ensuring measurable improvements in participating entities’ security posture.
• Ensure that technical outputs are reliable, structured, and suitable for coordination with other donors, including burden-sharing and modernization follow-up actions.
• Provide rapid-response coordination for urgent resilience testing, vulnerability analysis, or remediation-support tasks assigned by CCI Activity leadership.

Qualifications and experiences

Qualifications:

• Master or higher educational degree in cybersecurity / information security or information technology
• Strong knowledges of international cybersecurity standards and frameworks (ISO, NIST, CAF, Cobit or similar)
• Strong knowledges of the cyber security solutions
• Solid presentation skills
• Solid communications skills
• Skills in developing technical project documentation
• Good command of English language is preferred

Experiences:

• At least 5 years of experience working with cybersecurity / information security or information technology
• At least 5 years of experience with cybersecurity / information security or information technology projects implementation
• Experience as an auditor or implementer would be an advantage

Equal Employment Opportunity

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, or status as a protected veteran. 

DAI and its employees are committed to confronting discrimination in all forms, nurturing respect for our interpersonal relationships, and holding ourselves accountable for positive change within the company and in the communities, cultures, and countries in which we live and work.  DAI is committed to attracting and retaining the best employees from all races, ethnicities, and backgrounds in our continued effort to become a better development partner. 

DAI upholds the highest ethical standards. We are committed to the prevention of sexual exploitation, abuse, and harassment as well as other ethical breaches. All our positions are therefore subject to stringent vetting and reference checks.”

DAI promotes workforce diversity and encourages persons from excluded groups, including persons with disabilities, to apply.

It’s Kyiv-based position, long-term. 

Qualified candidates should send their CV and cover letter to UkraineCCI_Recruitment@dai.com. by April 24, 2026 6:00pm Kyiv time. Only short-listed candidates will receive notice requesting additional information. Interviews will be conducted on the rolling basis.