Security Analyst/Senior Security Analyst (Infrastructure Security)

Job Posting Organization:
The International Monetary Fund (IMF) is a global organization established to promote international monetary cooperation, facilitate balanced growth of international trade, and provide resources to member countries in need. Founded in 1944, the IMF has grown to include 190 member countries and employs over 2,700 staff members. The organization operates in various countries around the world, focusing on fostering global economic stability and providing financial assistance and advice to its members. The IMF's Information Technology Department (ITD) plays a crucial role in supporting the organization's mission by integrating innovative technology solutions and ensuring cybersecurity across its operations.

Job Overview:
The security" style="border-bottom: 1px dotted #007bff !important;">Security Analyst/Senior Security Analyst (Infrastructure Security) position within the Information Technology Department's Information Security and Governance (ISG) division at the IMF is pivotal in safeguarding the organization's information assets. This role involves working under the supervision of an information security assurance manager to define, design, engineer, and validate security configurations for both cloud and on-premises technology platforms. The successful candidate will collaborate with various project teams, service providers, and business units, leveraging their expertise in pragmatic security and risk management to address current and future cybersecurity challenges. The position requires a proactive approach to advising technology and business personnel on safeguarding information, applications, systems, and infrastructure, ensuring optimal functionality while managing information risks effectively.

Duties and Responsibilities:
The primary duties and responsibilities of the Security Analyst/Senior Security Analyst include:

• Providing cybersecurity assurance expertise for a wide range of IT initiatives, including defining and guiding the engineering of security control standards and configuration baselines for technology platforms.
• Conducting quality assurance reviews of security requirements and audit recommendations, ensuring comprehensive and high-quality implementation of identified solutions.
• Communicating security requirements effectively to stakeholders and educating them on appropriate security design and technical configurations throughout the lifecycle of IT platforms.
• Collaborating closely with IT project teams to develop implementation plans for new security-related products and services.
• Advocating for information security by working proactively with IT stakeholders, service providers, and business units to provide security-related technical solutions.
• Identifying opportunities for improving business practices and IT security-related processes.
• Monitoring and assessing compliance and audit recommendation results to ensure they meet high standards.
• Supporting the information security assurance manager in maintaining the Fund's ISO 27001 certification by promoting self-compliance among IT staff and managers.
• Keeping abreast of international information security codes of practice and regulations that may impact the IMF's information assets. 1
• Analyzing, recommending, and implementing process improvements within the context of information security.

Required Qualifications:
Candidates must possess a Bachelor's degree in information security, computer science, engineering, mathematics, business, or a related field, along with a minimum of 10 years of relevant experience in infrastructure or enterprise security roles. Alternatively, an advanced degree in a related field is acceptable with at least 4 years of relevant experience. Required certifications include CISSP or CISM, with at least two preferred certifications such as CCSP, Microsoft Certified: Cybersecurity Architect Expert, Microsoft Certified: Azure Solutions Architect Expert, and other relevant certifications. Experience should encompass a proven track record in delivering technical security assurance and engineering solutions, particularly within regulated environments, and extensive technical security experience across core Azure services and security technologies.

Educational Background:
The educational background required for this position includes a Bachelor's degree in information security, computer science, engineering, mathematics, business, or a related field. An advanced degree in a similar field is also acceptable, particularly for candidates with fewer years of experience. The emphasis is on obtaining a solid foundation in technical and analytical skills relevant to cybersecurity and information security management.

Experience:
Candidates should have a minimum of 10 years of relevant experience in infrastructure or enterprise security roles, or 4 years with an advanced degree. Experience must include a proven track record in delivering technical security assurance and engineering solutions, with practical implementation experience in operational security within regulated environments. The ideal candidate will have extensive technical security experience across a broad range of core Azure services and security technologies, demonstrating expertise in securing application, database, and infrastructure components.

Languages:
The position requires proficiency in English, both spoken and written, as effective communication is crucial for articulating complex technical ideas to non-technical stakeholders. Additional language skills may be advantageous but are not mandatory.

Additional Notes:
This is a one-year contractual appointment, with the possibility of renewal for up to four years of cumulative contractual service, depending on performance, budget availability, and ongoing business needs. The IMF is committed to non-discrimination in employment and welcomes requests for reasonable accommodations for disabilities during the selection process. Information on how to request accommodations will be provided during the application process.