Job Posting Organization: The International Monetary Fund (IMF) is a global organization established to promote international monetary cooperation, facilitate sustainableeconomic growth, and reduce poverty around the world. The IMF plays a crucial role in the global economy by providing financial assistance, policy advice, and technical assistance to its member countries. The organization was founded in 1944 and has grown to include 190 member countries. The IMF employs over 2,700 staff members from diverse backgrounds and operates in various countries, focusing on fostering global economic stability and growth through its various departments, including the Information Technology Department (ITD). The ITD is integral to the IMF's mission, ensuring that technology solutions are effectively integrated to support the organization's goals. The security" style="border-bottom: 1px dotted #007bff !important;">security" style="border-bottom: 1px dotted #007bff !important;">Information Security and Governance (ISG) division within ITD is dedicated to safeguarding the integrity of the IMF's information assets and ensuring compliance with security standards.
Job Overview: The Security Analyst/Senior Security Analyst position within the Information Security and Governance (ISG) division of the IMF's Information Technology Department (ITD) is a critical role focused on managing cybersecurity risks associated with the IMF's information assets. The successful candidate will work under the supervision of an information security risk manager and will be responsible for assessing and managing security risks related to Azure cloud services, IT products, platforms, and services, as well as solutions with complex hybrid architectures. This role requires a deep understanding of identity and access management governance and the ability to collaborate with various project teams, service providers, and business units both internal and external to the IMF. The candidate is expected to bring a pragmatic approach to cloud security and risk management, advising technology and business personnel on safeguarding information and ensuring optimal functioning of technologies while managing information risks effectively. The position is designed for seasoned cybersecurity professionals who can address current and future cybersecurity challenges faced by the IMF, contributing to the organization's mission of global economic stability.
Duties and Responsibilities: The Security Analyst/Senior Security Analyst will have a range of responsibilities, including but not limited to: acting as a senior individual contributor for information security risk management projects, which may involve control design and assessment for technical areas such as ERP, IT Service Management, and Identity and Access Management; mapping and implementing compliance frameworks; managing risk remediation; and reporting on information security risks. The role also includes delivering information security risk assessments for large-scale IT implementation projects, consulting with security architecture functions for threat modeling, and designing infrastructure security controls. The candidate will be responsible for consulting on the implementation of authentication and authorization mechanisms, as well as cryptography within applications. They will collaborate with other security functions to apply appropriate risk levels to assessments and maintain impartiality in producing unbiased reports on information security risks. Additionally, the analyst will work closely with IT project teams to develop implementation plans for new security-related products and services, conduct quality assurance reviews of security requirements, and manage the engagement process with external risk assessment providers. The role may also involve analyzing and recommending process improvements within the context of information security and supporting governance activities for Identity and Access Management.
Required Qualifications: Candidates must possess a Bachelor's degree in information security, computer science, engineering, mathematics, business, or a related field, along with a minimum of 10 years of relevant experience in a technical information security risk management role or as an information security architect. Alternatively, candidates with an advanced degree in the aforementioned fields may qualify with a minimum of 4 years of relevant experience. Required certifications include CISSP or CISM, with at least two additional preferred certifications such as CCSP, Microsoft Certified: Cybersecurity Architect Expert, or other Microsoft cloud security-related certifications at the Expert level. Candidates should have prior experience in a technical cybersecurity risk management function, practical knowledge of risk management concepts, and familiarity with NIST-SP800-30, ISO 27001/2, ISO 27005, and COBIT. The ability to embed security into processes such as SDLC and ITIL is also essential.
Educational Background: The educational background required for this position includes a Bachelor's degree in information security, computer science, engineering, mathematics, business, or a related field. Candidates with an advanced degree in these areas are also encouraged to apply, provided they meet the experience requirements. The educational qualifications should reflect a strong foundation in technical and analytical skills relevant to information security and risk management.
Experience: Candidates must have substantial experience in the field of information security, specifically in technical cybersecurity risk management. A minimum of 10 years of relevant experience is required for those with a Bachelor's degree, while candidates with an advanced degree must have at least 4 years of experience. This experience should include practical application of risk management principles, familiarity with security-related regulatory requirements, and demonstrated expertise in cybersecurity across various technologies and platforms.
Languages: While the job description does not specify mandatory languages, proficiency in English is likely essential given the international nature of the IMF and its operations. Additional language skills may be beneficial but are not explicitly required.
Additional Notes: This position is a one-year contractual appointment, with the possibility of renewal for up to four years of cumulative contractual service, contingent upon performance, budget availability, and ongoing business needs. The IMF is committed to diversity and inclusion, ensuring that employment decisions are made without discrimination. The organization welcomes requests for reasonable accommodations for disabilities during the selection process, and information on how to request accommodations will be provided during the application process.
Info
Job Posting Disclaimer
This job posting is provided for informational purposes only. The accuracy of the job description, qualifications, and other details mentioned is the sole responsibility of the employer or the organization listing the job. We do not guarantee the validity or legitimacy of this job posting. Candidates are advised to conduct their own due diligence and verify the details directly with the employer before applying.
We are not liable for any decisions or actions taken by applicants in response to this job listing. By applying, you agree that all application processes, interviews, and potential job offers are managed exclusively by the listed employer or organization.
Beware of fraudulent job offers. Do not provide sensitive personal information or make any payments to secure a job.