Security Analyst/Senior Security Analyst (Cloud Security Assurance) - ITDSGGR (Contractual)

International Monetary Fund - IMF

Staff Closes 09 Jul 2026 1 days left

Overview

Provide expertise with definition, design, engineering, and validation of security configuration of technology platforms in the cloud and on-premises. Advise and influence technology and business personnel regarding safeguarding information, applications, systems, infrastructure, and activities.


Key Responsibilities
  • Provide cybersecurity assurance expertise for IT initiatives with a focus on Microsoft Azure, Entra ID and hybrid cloud environments.
  • Define, guide engineering, and validate implementation of technology agnostic security control standards, technology-specific configuration baselines, and implementation guidelines.
  • Maintain impartiality to produce unbiased reports on information security risk.
  • Conduct quality assurance reviews of security requirements and audit recommendations.
  • Communicate requirements and provide guidance to staff and stakeholders on appropriate security design and technical configuration.
  • Work closely with IT project teams to develop and implement security controls for new and existing cloud services.
  • Identify opportunities to improve business practices or IT security-related processes.
  • Prioritize, monitor, and assess compliance and audit recommendation results.
  • Support Zero Trust initiatives.
  • Develop and maintain scripts and templates to perform compliance checks and generate reporting.
  • Support logging and monitoring efforts.
  • Contribute to secure design, architecture and configuration of services.
  • Design and validate security configuration baselines for SaaS platforms.
  • Support information security assurance manager with audit and compliance initiatives.
  • Keep abreast of international standards, best practices and regulations.
  • Analyze, recommend, and implement process improvements within information security.
Required Experience
  • Minimum of 10 years of relevant experience working in cloud security, assurance, or architecture roles; OR Advanced degree plus a minimum of 4 years of relevant experience working in cloud security, assurance, or architecture roles. Technical Experience should include:
  • Proven track record delivering technical security assurance and engineering solutions, with hands-on experience in operational security for regulated environments, especially in Azure and Microsoft cloud platforms.
  • Multi-cloud security posture management and familiarity with tools like Wiz, Orca, Prisma Cloud, Microsoft Defender for Cloud, etc.
  • Extensive technical hands-on security experience across a broad range of Microsoft cloud services, including Azure IaaS/PaaS, Entra ID, Conditional Access Policies, PIM; Azure Policy and Defender for Cloud; Intune; Graph API, Azure Monitor and Microsoft Sentinel; Microsoft 365 security (Exchange Online, Teams, SharePoint/OneDrive), and other key components of the Microsoft security ecosystem such as Purview.
  • Advanced working knowledge (preferably previous hands-on experience) in: Windows/Linux administration fundamentals, Firewalls, Active Directory/Entra hybrid concepts, and Azure networking (VNets, subnets, NSGs, Private Link, Application Gateway).
  • Zero Trust principles; Azure Firewall/WAF and cloud edge controls; SIEM/SOAR (Microsoft Sentinel preferred); familiarity with enterprise security tooling and NDR concepts.
  • Proficiency in PowerShell scripting to automate compliance checks, configuration, and reporting across Azure and Entra ID.
  • Deep expertise with Entra ID app registrations, OAuth 2.0/OIDC flows, delegated vs. application permissions, Graph API consent models, admin/user consent workflows, and permission governance.
  • Experience with Power Automate, Power Apps, Power BI, Data Factory
  • Demonstrates expertise in securing infrastructure, application and database components through tailored hardening approaches.
  • Hands-on experience with Infrastructure as Code (IaC) security scanning (e.g., Checkov, tfsec, etc.).
  • Securing Kubernetes clusters and containerized workloads (e.g., AKS, etc.).
  • Experience with serverless security (e.g., Azure Functions, etc.) and related risks.
  • Automation of security controls and compliance checks using scripting (Python, Bash, PowerShell).
  • Pragmatic security expert with an inherent ability to balance security demands with business reality.
  • Demonstrates a commitment to continuous learning.
  • Strong knowledge of security solutions, emerging threats, and effective countermeasures.
Qualifications
  • Education:
  • Bachelor's degree in information security, computer science, engineering, mathematics, business, or related field of study.
  • OR
  • Advanced degree in Information Security, computer science, engineering, mathematics, business, or related field of study.
  • Certifications:
  • (Minimum plus at least 2 preferred)
  • CISSP or CISM (minimum required)
  • Microsoft Certified: Azure Security Engineer Associate (minimum required)
  • CCSP (preferred)
  • Microsoft Certified: Cybersecurity Architect Expert (preferred)
  • Microsoft Certified: Azure Solutions Architect Expert (preferred)
  • Microsoft Certified: Azure Administrator Associate (preferred)
  • Microsoft Certified: Azure DevOps Engineer Expert (preferred)
  • Other Microsoft cloud security related certifications at the Expert level (preferred)
  • GIAC cloud security related certifications (preferred)
Other Details
Languages Required
Spoken and written communications that are compelling, convincing, and reassuring, and skills to articulate complex technical ideas to non-technical stakeholders.
Languages Preferred
Not specified
Contract Duration
one-year contractual appointment
Work Modality
Not specified
Remuneration
Not specified
Apply

Similar Opportunities

INGO.WORK: