Security Operations Center (SOC) Analyst- Tier 3

Job Posting Organization:
The International Monetary Fund (IMF) is a global organization established to promote international monetary cooperation, facilitate sustainable economic growth, and reduce poverty around the world. Founded in 1944, the IMF has grown to include 190 member countries, each contributing to a pool of financial resources that can be accessed by member nations in need. The organization employs over 2,700 staff members from diverse backgrounds and operates in various countries, providing financial assistance, policy advice, and technical assistance to its members. The IMF's mission is to foster global monetary cooperation, secure financial stability, facilitate international trade, promote high employment and sustainable economic growth, and reduce poverty around the world. The Information Technology Department (ITD) plays a crucial role in achieving these objectives by leveraging technology to enhance the IMF's operational efficiency and effectiveness.

Job Overview:
The security" style="border-bottom: 1px dotted #007bff !important;">Security Operations Center (SOC) Analyst - Tier 3 position within the Information Technology Department (ITD) at the IMF is a critical role focused on safeguarding the organization's information assets and ensuring the integrity of its operations. This position is designed for a hands-on analyst who will be responsible for monitoring and responding to security incidents, threats, and vulnerabilities in real-time. The SOC Analyst will work under the supervision of the Section Chief and will be expected to collaborate with various internal teams and external partners to develop and implement robust security measures. The ideal candidate will possess a strong technical background, excellent analytical skills, and a deep understanding of information security principles. The SOC Analyst will also play a key role in enhancing the IMF's cybersecurity posture and ensuring that IT initiatives align with the organization's strategic objectives.

Duties and Responsibilities:

• Implement advanced security monitoring and detection mechanisms by integrating actionable threat intelligence and identifying relevant log sources across hybrid environments.
• Investigate, analyze, and resolve complex security incidents, utilizing advanced forensic techniques, malware reverse engineering, and threat-hunting methodologies.
• Collaborate closely with the threat intelligence and vulnerability management team to process actionable intelligence, enhancing high-fidelity detection use cases and proactive defense mechanisms.
• Work with internal teams, including network operations, security platform administrators, system administrators, cloud administrators, and software developers, to ensure timely resolution of security issues and incidents.
• Continuously improve SOC operations by enhancing incident response, change management, and problem resolution while automating processes to reduce operational inefficiencies.
• Provide expert-level guidance to Tier 1 & Tier 2 analysts, supporting complex investigations and contributing to ongoing training and analyst retention strategies under SOC leadership.
• Develop, maintain, and update incident response plans, playbooks, and procedures, ensuring alignment with industry best practices, organizational policies, and crisis management frameworks.
• Support authorized eDiscovery and investigation requests in strict compliance with agreed procedures and playbooks ensuring chain of custody, documentation, and strict confidentiality.
• Manage the work of managed security service providers and participate in periodic performance reviews focusing on compliance and continuous improvement.

Required Qualifications:
Candidates must possess an advanced university degree in Computer Science or a related field, or a university degree in Information Security, Computer Science, Information Technology, or a related field from an accredited university, along with a minimum of 6 years of progressive security operations work experience in regulated industries. Additionally, candidates should hold at least 2 of the following certifications: OCSP, GCIH, GDAT, GREM, GSOC, CEH, GCIA, or Azure AZ-50

• Experience in a global Security Operations Center (SOC) environment, preferably in a Tier 3 role, is essential, along with the ability to manage the work of analysts and MSSPs.

Educational Background:
The position requires an advanced university degree in Computer Science or a related field, or a university degree in Information Security, Computer Science, Information Technology, or a related field from an accredited institution. This educational background is crucial for understanding the complexities of cybersecurity and information technology, as well as for effectively managing security operations and incident responses.

Experience:
Candidates should have a minimum of 6 years of progressive security operations work experience, particularly in regulated industries. Experience working in a global Security Operations Center (SOC) environment is preferred, especially in a Tier 3 role where the candidate has had responsibilities managing the work of analysts and managed security service providers (MSSPs).

Languages:
While the job posting does not specify mandatory languages, proficiency in English is essential given the international nature of the IMF and its operations. Additional language skills may be considered an asset, particularly those relevant to the IMF's member countries.

Additional Notes:
This is a one-year contractual appointment, with the possibility of renewal for up to four years of cumulative contractual service, depending on performance, budget availability, and ongoing business needs. The position is classified at levels A09 and A10 within the IMF's organizational structure. The IMF is committed to diversity and inclusion, ensuring that employment decisions are made without discrimination. Reasonable accommodations for disabilities during the selection process are available upon request.