Security Analyst/Senior Security Analyst (Cloud Security Assurance) - ITDSGGR (Contractual)

Job Summary The International Monetary Fund (IMF) is recruiting a Security Analyst/Senior Security Analyst (Cloud Security Assurance) to work within the Information Technology Department’s Information Security and Governance (ISG) division. The role will provide expertise in defining, designing, engineering, and validating security configuration for technology platforms in the cloud and on-premises, working closely with project teams, service providers, and business units. Responsibilities Senior independent contributor providing cybersecurity assurance expertise for a broad range of IT initiatives focused on Microsoft Azure, Entra ID, and hybrid cloud environments. Define, guide, and validate implementation of technology-agnostic security control standards and platform-specific configuration baselines (security hardening) for both cloud and on-premises services, emphasizing automation and policy‑as‑code. Conduct quality assurance reviews of security requirements and audit recommendations, and produce unbiased risk reports. Communicate security requirements and provide guidance to IT teams and stakeholders on appropriate security design and technical configuration throughout the technology lifecycle. Develop and implement security controls for new and existing cloud services, including Azure, Entra ID, and Microsoft 365, alongside IT project teams. Advocate information security, proactively collaborating with IT stakeholders, service providers, and business units to provide technical security solutions. Identify opportunities to improve business practices and IT security processes, such as automation, compliance, and secure integration. Prioritize, monitor, and assess compliance and audit recommendation results to ensure comprehensive, robust, and high‑quality outcomes. Support Zero Trust initiatives by promoting identity‑centric access, device health posture, segmentation, and continuous verification across services. Develop and maintain scripts and templates (PowerShell, Python, Azure Policy, Terraform) to perform compliance checks and generate reporting across Azure and Entra ID. Support logging and monitoring efforts using Azure Monitor, Log Analytics (KQL), and Microsoft Sentinel. Contribute to secure design, architecture, and configuration of services such as Azure Kubernetes, Azure Functions, Azure API Management, Key Vault, and the Power Platform. Design and validate security configuration baselines for SaaS platforms (e.g., ServiceNow, Workday, Salesforce), ensuring alignment with organizational policies and compliance requirements. Assist the information security assurance manager with audit and compliance initiatives, including ISO 27001 certification, IT General Controls for ICFR, and internal/external audits. Stay current with international standards, best practices, and regulations in information security, AI, and data privacy, and recommend appropriate measures. Analyze, recommend, and implement process improvements within the context of information security. Qualifications Education: Bachelor’s degree in information security, computer science, engineering, mathematics, business, or related field with minimum 10 years of relevant cloud security experience; OR advanced degree with minimum 4 years of cloud security experience. Certifications: CISSP or CISM (required); Microsoft Certified: Azure Security Engineer Associate (required). Preferred: CCSP, Microsoft Certified: Cybersecurity Architect Expert, Microsoft Certified: Azure Solutions Architect Expert, Microsoft Certified: Azure Administrator Associate, Microsoft Certified: Azure DevOps Engineer Expert, and other Microsoft or GIAC cloud security certifications. Technical Experience: Proven track record delivering technical security assurance and engineering solutions in regulated environments, especially Azure and Microsoft cloud platforms; multi‑cloud security posture management (Wiz, Orca, Prisma Cloud, Microsoft Defender for Cloud, etc.); extensive hands‑on security experience across Microsoft cloud services; advanced working knowledge of Windows/Linux administration, firewalls, Active Directory/Entra hybrid concepts, Azure networking, Zero Trust principles, SIEM/SOAR, and enterprise security tooling. Proficiency in PowerShell scripting, Azure Policy, Terraform, and other IaC security scanning tools (Checkov, tfsec); experience securing Kubernetes clusters, containerized workloads, and serverless functions; automation of security controls via scripting (Python, Bash, PowerShell). Deep expertise with Entra ID app registrations, OAuth 2.0/OIDC flows, Graph API consent models, and governance of permissions. Experience with Power Platform (Power Automate, Power Apps, Power BI, Data Factory) for security workflows. Robust knowledge of security solutions, emerging threats, and effective countermeasures. Soft Skills: Analytical thinking, strategic and tactical implementation, compelling communication, lateral thinking, interpersonal trust, resilience under pressure, strong motivation, integrity, organization, and multitasking; ability to work independently and within a team; facilitation and conflict management skills. Contract and Compensation This is a one‑year contractual appointment. Contractual appointments may be renewed for up to four years of cumulative service, subject to performance, budget availability, and ongoing business need. Level: A11/A12. EEO and Accommodations The IMF is guided by the principle that employment and advancement decisions are made without discrimination against any person. Reasonable accommodations for disabilities are welcomed during the selection process. Application Information Work for the IMF. This position is being readvertised; previous candidates need not reapply. This role is open to all eligible applicants, regardless of nationality. #J-18808-Ljbffr International Monetary Fund