E T Consultant
World Bank
Rome
Italy
June 27, 2026
Full-timeJune 27, 2026
Senior Cybersecurity Specialist – Vulnerability Management
Job Description
Job Posting Organization:
The World Food Programme (WFP) is the world’s largest humanitarian organization dedicated to saving lives in emergencies and using food assistance to build pathways to peace, stability, and prosperity for people recovering from conflict, disasters, and the impacts of climate change. Established in 1961, WFP operates in over 80 countries, employing thousands of staff members who are committed to the mission of eradicating hunger and ensuring security" style="border-bottom: 1px dotted #007bff !important;">security" style="border-bottom: 1px dotted #007bff !important;">food security for all. WFP's core values include Integrity, Collaboration, Commitment, Humanity, and Inclusion, which guide its operations and interactions with partners and beneficiaries. The organization has received numerous accolades for its work, including the Nobel Peace Prize in 2020, highlighting its significant contributions to global humanitarian efforts. WFP is dedicated to fostering a diverse and inclusive workforce, encouraging individuals from all backgrounds to apply for positions within the organization. For more information, visit their website at https://www.wfp.org and follow them on various social media platforms for updates and news.
Job Overview:
The Senior Cybersecurity Specialist – Vulnerability Management will play a crucial role in enhancing WFP’s vulnerability and exposure management capabilities. This position is designed for a professional who can navigate the complexities of cybersecurity in a rapidly evolving threat landscape. The incumbent will work under the general supervision of the Chief TECI and the direct supervision of the Head of Cybersecurity Operations. The primary focus will be on adopting a risk-driven approach to vulnerability management, prioritizing risks based on exploitability, business impact, and actual exposure rather than solely on severity. This role requires a proactive mindset to identify, contextualize, and prioritize vulnerabilities across WFP’s digital environments, ensuring that the organization can effectively mitigate risks and protect its assets. The specialist will also be responsible for driving remediation outcomes through structured orchestration and stakeholder engagement, thereby strengthening the organization’s overall cybersecurity posture.
Duties and Responsibilities:
The main responsibilities of the Senior Cybersecurity Specialist include, but are not limited to: driving continuous asset discovery and visibility across various environments including cloud, on-premise, and SaaS; conducting and validating vulnerability assessments using multiple tools and intelligence sources; prioritizing vulnerabilities based on real-world risk factors; acting as the central coordination point for vulnerability remediation; driving the adoption of AI-enabled capabilities within vulnerability management processes; recommending compensating controls where necessary; supporting the integration of vulnerability data into dashboards and reporting platforms; managing and tracking vulnerability findings; collaborating with internal teams to improve processes and data integration; contributing to awareness initiatives related to vulnerability risks; and performing other cybersecurity-related duties as assigned. The role demands a high level of analytical skills and the ability to communicate complex data effectively to various stakeholders.
Required Qualifications:
Candidates must possess a strong understanding of vulnerability management and exposure management concepts, tools, platforms, and processes. They should have a solid grasp of cloud environments, networking, and system architectures, as well as an awareness of exploitability concepts and threat intelligence. Familiarity with emerging risks, particularly those associated with AI-driven systems and software supply chains, is considered an asset. Strong analytical and communication skills are essential, enabling the candidate to interpret complex data and translate it into actionable insights. Certifications such as CISSP, CISM, CRISC, GIAC, or OSCP are advantageous and will enhance the candidate's profile.
Educational Background:
A university degree in Information Technology, Information Systems, Cybersecurity, or related fields is required. Alternatively, a combination of relevant experience and education may be considered. The educational background should provide a solid foundation in the principles of cybersecurity and information technology, equipping the candidate with the necessary skills to excel in this role.
Experience:
Candidates should have at least 6-8 years of experience in vulnerability management, cybersecurity operations, threat management, or related areas. Experience working with cloud platforms and environments characterized by rapidly evolving vulnerabilities and exploit scenarios is highly desirable. This level of experience is crucial for understanding the complexities of cybersecurity and effectively managing vulnerabilities in a dynamic environment.
Languages:
Fluency in English (level C) is mandatory for this position. Additionally, intermediate knowledge (level B) of a second official UN language is desirable. The languages that are considered beneficial include Arabic, Chinese, French, Russian, Spanish, and/or Portuguese, which is WFP’s working language. Proficiency in these languages will enhance communication and collaboration within the diverse WFP team and with external partners.
Additional Notes:
The position is classified as a Regular Consultant (CST2) and is based in Rome, Italy, with the option for remote work. The role offers an attractive compensation package, which can be found in the Terms and Conditions section of the vacancy announcement. WFP is committed to providing reasonable accommodations for individuals with disabilities throughout the recruitment process. The organization does not charge any fees in connection with the application or recruitment process, and all applications must be submitted through the online recruiting system. Only shortlisted candidates will be contacted for the next stage of the recruitment process.
The World Food Programme (WFP) is the world’s largest humanitarian organization dedicated to saving lives in emergencies and using food assistance to build pathways to peace, stability, and prosperity for people recovering from conflict, disasters, and the impacts of climate change. Established in 1961, WFP operates in over 80 countries, employing thousands of staff members who are committed to the mission of eradicating hunger and ensuring security" style="border-bottom: 1px dotted #007bff !important;">security" style="border-bottom: 1px dotted #007bff !important;">food security for all. WFP's core values include Integrity, Collaboration, Commitment, Humanity, and Inclusion, which guide its operations and interactions with partners and beneficiaries. The organization has received numerous accolades for its work, including the Nobel Peace Prize in 2020, highlighting its significant contributions to global humanitarian efforts. WFP is dedicated to fostering a diverse and inclusive workforce, encouraging individuals from all backgrounds to apply for positions within the organization. For more information, visit their website at https://www.wfp.org and follow them on various social media platforms for updates and news.
Job Overview:
The Senior Cybersecurity Specialist – Vulnerability Management will play a crucial role in enhancing WFP’s vulnerability and exposure management capabilities. This position is designed for a professional who can navigate the complexities of cybersecurity in a rapidly evolving threat landscape. The incumbent will work under the general supervision of the Chief TECI and the direct supervision of the Head of Cybersecurity Operations. The primary focus will be on adopting a risk-driven approach to vulnerability management, prioritizing risks based on exploitability, business impact, and actual exposure rather than solely on severity. This role requires a proactive mindset to identify, contextualize, and prioritize vulnerabilities across WFP’s digital environments, ensuring that the organization can effectively mitigate risks and protect its assets. The specialist will also be responsible for driving remediation outcomes through structured orchestration and stakeholder engagement, thereby strengthening the organization’s overall cybersecurity posture.
Duties and Responsibilities:
The main responsibilities of the Senior Cybersecurity Specialist include, but are not limited to: driving continuous asset discovery and visibility across various environments including cloud, on-premise, and SaaS; conducting and validating vulnerability assessments using multiple tools and intelligence sources; prioritizing vulnerabilities based on real-world risk factors; acting as the central coordination point for vulnerability remediation; driving the adoption of AI-enabled capabilities within vulnerability management processes; recommending compensating controls where necessary; supporting the integration of vulnerability data into dashboards and reporting platforms; managing and tracking vulnerability findings; collaborating with internal teams to improve processes and data integration; contributing to awareness initiatives related to vulnerability risks; and performing other cybersecurity-related duties as assigned. The role demands a high level of analytical skills and the ability to communicate complex data effectively to various stakeholders.
Required Qualifications:
Candidates must possess a strong understanding of vulnerability management and exposure management concepts, tools, platforms, and processes. They should have a solid grasp of cloud environments, networking, and system architectures, as well as an awareness of exploitability concepts and threat intelligence. Familiarity with emerging risks, particularly those associated with AI-driven systems and software supply chains, is considered an asset. Strong analytical and communication skills are essential, enabling the candidate to interpret complex data and translate it into actionable insights. Certifications such as CISSP, CISM, CRISC, GIAC, or OSCP are advantageous and will enhance the candidate's profile.
Educational Background:
A university degree in Information Technology, Information Systems, Cybersecurity, or related fields is required. Alternatively, a combination of relevant experience and education may be considered. The educational background should provide a solid foundation in the principles of cybersecurity and information technology, equipping the candidate with the necessary skills to excel in this role.
Experience:
Candidates should have at least 6-8 years of experience in vulnerability management, cybersecurity operations, threat management, or related areas. Experience working with cloud platforms and environments characterized by rapidly evolving vulnerabilities and exploit scenarios is highly desirable. This level of experience is crucial for understanding the complexities of cybersecurity and effectively managing vulnerabilities in a dynamic environment.
Languages:
Fluency in English (level C) is mandatory for this position. Additionally, intermediate knowledge (level B) of a second official UN language is desirable. The languages that are considered beneficial include Arabic, Chinese, French, Russian, Spanish, and/or Portuguese, which is WFP’s working language. Proficiency in these languages will enhance communication and collaboration within the diverse WFP team and with external partners.
Additional Notes:
The position is classified as a Regular Consultant (CST2) and is based in Rome, Italy, with the option for remote work. The role offers an attractive compensation package, which can be found in the Terms and Conditions section of the vacancy announcement. WFP is committed to providing reasonable accommodations for individuals with disabilities throughout the recruitment process. The organization does not charge any fees in connection with the application or recruitment process, and all applications must be submitted through the online recruiting system. Only shortlisted candidates will be contacted for the next stage of the recruitment process.
Info
Job Posting Disclaimer
This job posting is provided for informational purposes only. The accuracy of the job description, qualifications, and other details mentioned is the sole responsibility of the employer or the organization listing the job. We do not guarantee the validity or legitimacy of this job posting. Candidates are advised to conduct their own due diligence and verify the details directly with the employer before applying.
We are not liable for any decisions or actions taken by applicants in response to this job listing. By applying, you agree that all application processes, interviews, and potential job offers are managed exclusively by the listed employer or organization.
Beware of fraudulent job offers. Do not provide sensitive personal information or make any payments to secure a job.
We are not liable for any decisions or actions taken by applicants in response to this job listing. By applying, you agree that all application processes, interviews, and potential job offers are managed exclusively by the listed employer or organization.
Beware of fraudulent job offers. Do not provide sensitive personal information or make any payments to secure a job.
