Hiring.fm
IMF

Security Analyst/Senior Security Analyst (Cloud Security Assurance) - ITDSGGR (Contractual)

USA, Washington DC Full time

Work for the IMF. Work for the World.

 

The Information Technology Department (ITD) at the IMF is more than just a support function; it is a critical catalyst for change. We champion the seamless integration of cutting-edge technology solutions, ensuring the IMF's mission is propelled by innovation and efficiency. 

 

Within the IT department, the Information Security and Governance (ISG) division and other first-line cybersecurity teams stand as guardians of integrity and a beacon of trust. We are not just about managing risks; we are about envisioning, enabling, and implementing a secure future for global economic stability. Our teams are dedicated to:  

  • Crafting and executing a forward-thinking and resilient Cybersecurity Strategy.  

  • Enacting inclusive governance that balances security needs with operational fluidity.  

  • Developing policies and standards that stay ahead of the threat landscape.  

  • Ensuring compliance, resilience, and agility in our cybersecurity posture.  

  • Engaging in relentless evaluation, management, and tracking of cybersecurity and digital risks linked to the utilization of the IMF’s information assets, ensuring a secure operational framework.  

  • Continuously enriching our annual information security culture, awareness, and education initiative, fostering a security-conscious environment across the organization.  

  • Administering a compliance management program dedicated to maintaining firm adherence to the IMF's information security policies and standards.  

  • Preserving a solid enterprise security reference architecture that acts as a safeguard for the IMF's information assets against pertinent threats.  

  • Engineering, implementing, and sustaining secure and resilient technological solutions, spanning both on-premises and cloud infrastructures, to support the IMF's mission.  

  • Overseeing cyber threat intelligence, incident management, digital forensics, and investigations, alongside championing innovation in cybersecurity practices to achieve operational excellence and deliver value promptly.  

 

As we expand our efforts to serve the IMF's staff and its members more effectively, we invite seasoned cybersecurity professionals to our elite cybersecurity teams. We are looking for individuals with the requisite skills and expertise to address the current and forthcoming cybersecurity and business challenges faced by the IMF. 

 

Job Summary 

The Information Technology Department (ITD)’s Information Security and Governance (ISG) division of the International Monetary Fund (IMF) is seeking to fill a Security Analyst/Senior Security Analyst (Cloud Security Assurance) position. 

   

Under the general supervision of an information security assurance manager, the Security Analyst/Senior Security Analyst (Cloud Security Assurance) will provide expertise with definition, design, engineering, and validation of security configuration of technology platforms in the cloud and on-premises. 

 

The candidate will be required to work with project teams, service providers, and business units internal and external to the Fund’s IT function. The candidate is expected to bring pragmatic on-premises and cloud security and risk management experience, allowing the Fund to meet its present and emergent business needs. The candidate is expected to advise and influence technology and business personnel regarding the value and methods of safeguarding information, applications, systems, infrastructure, and activities to help ensure that technologies function optimally; work practices are optimized so that the information risks are managed. 

 

Minimum Qualifications 

Education 

  • Bachelor's degree in information security, computer science, engineering, mathematics, business, or related field of study plus a minimum of 10 years of relevant experience working in cloud security, assurance, or architecture roles; OR 

  • Advanced degree in Information Security, computer science, engineering, mathematics, business, or related field of study plus a minimum of 4 years of relevant experience working in cloud security, assurance, or architecture roles. 

Certifications: (Minimum plus at least 2 preferred) 

CISSP or CISM (minimum required) 

Microsoft Certified: Azure Security Engineer Associate (minimum required) 

CCSP (preferred) 

Microsoft Certified: Cybersecurity Architect Expert (preferred) 

Microsoft Certified: Azure Solutions Architect Expert (preferred) 

Microsoft Certified: Azure Administrator Associate (preferred) 

Microsoft Certified: Azure DevOps Engineer Expert (preferred) 

Other Microsoft cloud security related certifications at the Expert level (preferred) 

GIAC cloud security related certifications (preferred) 

Technical Experience should include:  

  • Proven track record delivering technical security assurance and engineering solutions, with hands-on experience in operational security for regulated environments, especially in Azure and Microsoft cloud platforms. 
  • Multi-cloud security posture management and familiarity with tools like Wiz, Orca, Prisma Cloud, Microsoft Defender for Cloud, etc. 
  • Extensive technical hands-on security experience across a broad range of Microsoft cloud services, including Azure IaaS/PaaS, Entra ID, Conditional Access Policies, PIM; Azure Policy and Defender for Cloud; Intune; Graph API, Azure Monitor and Microsoft Sentinel; Microsoft 365 security (Exchange Online, Teams, SharePoint/OneDrive), and other key components of the Microsoft security ecosystem such as Purview. 
  • Advanced working knowledge (preferably previous hands-on experience) in: 
  • Windows/Linux administration fundamentals, Firewalls, Active Directory/Entra hybrid concepts, and Azure networking (VNets, subnets, NSGs, Private Link, Application Gateway). 
  • Zero Trust principles; Azure Firewall/WAF and cloud edge controls; SIEM/SOAR (Microsoft Sentinel preferred); familiarity with enterprise security tooling and NDR concepts. 
  • Proficiency in PowerShell scripting to automate compliance checks, configuration, and reporting across Azure and Entra ID. 
  • Deep expertise with Entra ID app registrations, OAuth 2.0/OIDC flows, delegated vs. application permissions, Graph API consent models, admin/user consent workflows, and permission governance. 
  • Experience with Power Automate, Power Apps, Power BI, Data Factory 
  • Demonstrates expertise in securing infrastructure, application and database components through tailored hardening approaches, employing modern tools and techniques to protect the full technology stack. 
  • Hands-on experience with Infrastructure as Code (IaC) security scanning (e.g., Checkov, tfsec, etc.). 
  • Securing Kubernetes clusters and containerized workloads (e.g., AKS, etc.). 
  • Experience with serverless security (e.g., Azure Functions, etc.) and related risks. 
  • Automation of security controls and compliance checks using scripting (Python, Bash, PowerShell). 
  • Pragmatic security expert with an inherent ability to balance security demands with business reality. Demonstrates a commitment to continuous learning to stay current with the evolving cybersecurity landscape and to effectively apply security controls that support business goals. Strong knowledge of security solutions, emerging threats, and effective countermeasures. 

 

Required Soft Skills 

  • Analytical skills that enable synthesis of inputs from many sources and allow for strategic thinking and tactical implementation.  
  • Spoken and written communications that are compelling, convincing, and reassuring, and skills to articulate complex technical ideas to non-technical stakeholders.  
  • Ability to think laterally and to have input to / propose detailed, complex solutions to technical issues.  
  • Interpersonal skills that create openness and trust among colleagues. 
  • Ability to work well under pressure and to meet tight deadlines. Demonstrates a high level of motivation, confidence, integrity, and responsibility. 
  • Ability to be organized, responsive, and to be able to effectively multi-task with a focus on driving results. 
  • Demonstrate excellent interpersonal and relationship management skills. This includes the ability to work independently, effectively in a team/task force as a team member or leader, and with senior staff and managers. 
  • Ability to work well under pressure and to meet tight deadlines, whilst demonstrating a high level of motivation, confidence, integrity, and responsibility. 
  • Excellent relationship management skills. Facilitation and conflict management skills that enable effective working relationships.  

 

Major Duties and Responsibilities 

Specific responsibilities include: 

  • Senior individual contributor to provide cybersecurity assurance expertise for a broad range of IT initiatives with a focus on Microsoft Azure, Entra ID and hybrid cloud environments. This includes but is not limited to defining, guiding the engineering and validating implementation of technology agnostic security control standards, technology-specific configuration baselines (security hardening) and implementation guidelines for technology platforms (both cloud and on-prem) and services, with emphasis on automation for security configuration and posture management, policy-as-code (Azure Policy, Terraform). 
  • Maintain impartiality around IT systems to produce unbiased reports on information security risk.  
  • Conducts quality assurance reviews of security requirements and audit recommendations for the implementation of identified solutions.  
  • Effectively communicates requirements and provides guidance to staff and stakeholders in different IT teams on appropriate security design and technical configuration of related controls on IT platforms throughout their lifecycle. 
  • Works closely with IT project teams to develop and implement security controls for new and existing cloud services, including but not limited to Microsoft Azure, Entra ID and Microsoft 365 ecosystem. 
  • As an advocate of information security, works closely and proactively with IT stakeholders, service providers, and business units to provide security-related technical solutions. Identifies opportunities to improve business practices or IT security-related processes, including automation, compliance, and secure integration. 
  • Prioritizes, monitors, and assesses compliance and audit recommendation results to ensure they are comprehensive, robust, and of high quality. 
  • Support Zero Trust initiatives, by promoting identity-centric access, device health posture, segmentation, and continuous verification across services. 
  • Develops and maintains scripts and templates (e.g. PowerShell, Python, Azure Policy, Terraform) to perform compliance checks and generate reporting across Azure and Entra ID. 
  • Supports logging and monitoring efforts, using Azure Monitor, Log Analytics (KQL), and Microsoft Sentinel. 
  • Contributes to secure design, architecture and configuration of services such as Azure Kubernetes, Functions, APIM, Key Vault, etc., and Power Platform. 
  • Designs and validates security configuration baselines for SaaS platforms (e.g., ServiceNow, Workday, Salesforce, etc.), ensuring alignment with organizational policies and compliance requirements.” 
  • Other ad hoc responsibilities may include: 
  • Support the information security assurance manager with audit and compliance initiatives such as the Fund's ISO 27001 certification, IT General Controls relevant for ICFR, internal and external audits, etc., promoting self-compliance to policies and standards by IT staff and managers. Keeps abreast of international standards, best practices and regulations in the areas of information security, artificial intelligence, and data privacy, and how these measures could affect information assets owned by, or administered on behalf of, the IMF.  
  • Analyzes, recommends, and implements process improvements within the context of information security. 

This is a one-year contractual appointment. Contractual appointments at the IMF are renewable for up to four years of cumulative contractual service, pending incumbent's performance, budget availability, and continuous business need.

Department:

ITDSG Information Technology Department Information Security & Governance

Hiring For:

A11, A12

The IMF is guided by the principle that the employment, classification, promotion, and assignment of staff shall be made without discrimination against any person. We welcome requests for reasonable accommodations for disabilities during the selection process. Information on how to request accommodations will be provided during the application process.