Security Analyst/Senior Security Analyst (Infrastructure Security)

The IMF's Information Technology Department (ITD) Information Security and Governance (ISG) division seeks a Security Analyst/Senior Security Analyst (Infrastructure Security) to provide expertise in defining, designing, engineering, and validating security configurations for technology platforms in cloud and on-premises environments. The role involves working with project teams, service providers, and business units to safeguard information assets and ensure optimal technology function and risk management.

Responsibilities

• Provide cybersecurity assurance expertise for a broad range of IT initiatives including defining, guiding engineering and validating implementation of technology agnostic security control standards, technology-specific configuration baselines (Security Hardening) and implementation guidelines for technology platforms (cloud and on-premises).
• Maintain impartiality around IT systems to produce unbiased reports on information security risk.
• Conduct quality assurance reviews of security requirements and audit recommendations for implementation of identified solutions.
• Effectively communicate requirements and educate IT stakeholders on appropriate security design and technical configuration of related controls on IT platforms throughout their lifecycle.
• Work closely with IT project teams to develop implementation plans for new security-related products, platforms and services.
• Advocate information security by working closely and proactively with IT stakeholders, service providers, and business units to provide security-related technical solutions.
• Identify opportunities to improve business practices or IT security-related processes.
• Prioritize, monitor, and assess compliance and audit recommendation results to ensure they are comprehensive, robust, and of high quality.
• Support the information security assurance manager in maintaining the Fund's ISO 27001 certification by promoting self-compliance to policies and standards by IT staff and managers.
• Keep abreast of international information security codes of practice such as ISO 27001/27002, information security and privacy regulations and their impact on IMF information assets.
• Analyze, recommend, and implement process improvements within the context of information security.

Requirements

• Bachelor's degree in information security, computer science, engineering, mathematics, business, or related field of study plus a minimum of 10 years of relevant experience working in infrastructure or enterprise security roles; OR Advanced degree in Information Security, computer science, engineering, mathematics, business, or related field of study plus a minimum of 4 years of relevant experience working in infrastructure or enterprise security roles.
• Certifications: CISSP or CISM (minimum required).
• Preferred certifications: CCSP, Microsoft Certified: Cybersecurity Architect Expert, Microsoft Certified: Azure Solutions Architect Expert, other Microsoft cloud security related certifications at the Expert level, GIAC certifications, Offensive security related certifications, Red Hat Certified Engineer (RHCE®)/ Red Hat® Certified Architect (RHCA).
• Proven track record in delivering technical security assurance and engineering solutions, with practical implementation experience in operational security within regulated environments.
• Extensive technical security experience across a broad range of core Azure services, including Microsoft 365 security controls, Entra ID, Microsoft Defender suite, Azure network security, and other key components of the Microsoft security ecosystem.
• Advanced working knowledge (preferably previous hands-on experience) in a wide array of infrastructure services such as Virtualization Platform, Linux and Windows Operating systems and OS applications, Active Directory and related services, Networking services – switches and routers and other supporting services.
• Experience with Web Servers (Apache and IIS), Applications (Tomcat and other application servers), Database systems (MSSQL, PgSQL, Oracle, MongoDB etc.), Security technologies (Firewall - Checkpoint, Palo Alto, Azure Firewall), IDS/IPS, Proxy service (forward and reverse), Zero trust, SIEM, SOAR, Network detection and Response (NDR).
• Hands-on security configuration of platforms (cloud and non-cloud).
• Basic IT consultancy skills with expertise in securing application, database, and infrastructure components through tailored hardening approaches using modern tools and techniques.
• Pragmatic security expert with ability to balance security demands with business reality.
• Commitment to continuous learning to stay current with evolving cybersecurity landscape and effectively apply security controls supporting business goals.
• Strong knowledge of security solutions, emerging threats, and effective countermeasures.
• Analytical skills enabling synthesis of inputs from many sources and allowing strategic thinking and tactical implementation.
• Compelling spoken and written communication skills to articulate complex technical ideas to non-technical stakeholders.
• Ability to think laterally and propose detailed, complex solutions to technical issues.
• Interpersonal skills that create openness and trust among colleagues.
• Ability to work well under pressure and meet tight deadlines with high motivation, confidence, integrity, and responsibility.
• Organizational skills, responsiveness, and ability to multi-task with focus on driving results.
• Excellent interpersonal and relationship management skills, ability to work independently and in teams, including with senior staff and managers.
• Facilitation and conflict management skills enabling effective working relationships.

Skills

• Information Security
• Infrastructure Security
• Enterprise Security
• CISSP Certification
• CISM Certification
• CCSP
• Microsoft Cybersecurity Architect
• Azure Solutions Architect
• GIAC Certification
• Offensive Security
• Red Hat Certified Engineer
• Technical Security Assurance
• Operational Security (OPSEC)
• Azure Security Services
• Microsoft 365 Security Controls
• Entra ID
• Microsoft Defender
• Azure Network Security
• Virtualization Platform
• Linux Operating System
• Windows Operating System
• Active Directory
• Networking Services
• Web Server Security
• Application Server Security
• Database Security
• Firewall setup
• IDS/IPS
• Proxy Services
• Zero Trust principles
• SIEM
• SOAR Platforms
• Network Detection and Response
• Security Configurations
• IT Consultancy
• Application Hardening
• Database Hardening
• Infrastructure Hardening
• Cybersecurity Threats
• Security Countermeasures
• Analytical Skills
• Technical Communication
• Solution Design
• Facilitation Skills
• Conflict Management

Languages

English