Security Analyst/Senior Security Analyst (Cloud Security Assurance) - ITDSGGR (Contractual)
International Monetary Fund
- # Security Analyst/Senior Security Analyst (Cloud Security Assurance) - ITDSGGR (Contractual)Applylocations: USA, Washington DCtime type: Full timeposted on: Posted Yesterdaytime left to apply: End Date: July 9, 2026 (13 days left to apply)job requisition id: 25-R8630Work for the IMF. Work for the World. \*\* This position is being readvertised. Previous Candidates need not reapply. \*\*The Information Technology Department (ITD) at the IMF is more than just a support function; it is a critical catalyst for change. We champion the seamless integration of cutting-edge technology solutions, ensuring the IMF's mission is propelled by innovation and efficiency.Within the IT department, the Information Security and Governance (ISG) division and other first-line cybersecurity teams stand as guardians of integrity and a beacon of trust. We are not just about managing risks; we are about envisioning, enabling, and implementing a secure future for global economic stability. Our teams are dedicated to:* Crafting and executing a forward-thinking and resilient Cybersecurity Strategy.* Enacting inclusive governance that balances security needs with operational fluidity.* Developing policies and standards that stay ahead of the threat landscape.* Ensuring compliance, resilience, and agility in our cybersecurity posture.* Engaging in relentless evaluation, management, and tracking of cybersecurity and digital risks linked to the utilization of the IMF’s information assets, ensuring a secure operational framework.* Continuously enriching our annual information security culture, awareness, and education initiative, fostering a security-conscious environment across the organization.* Administering a compliance management program dedicated to maintaining firm adherence to the IMF's information security policies and standards.* Preserving a solid enterprise security reference architecture that acts as a safeguard for the IMF's information assets against pertinent threats.* Engineering, implementing, and sustaining secure and resilient technological solutions, spanning both on-premises and cloud infrastructures, to support the IMF's mission.* Overseeing cyber threat intelligence, incident management, digital forensics, and investigations, alongside championing innovation in cybersecurity practices to achieve operational excellence and deliver value promptly.As we expand our efforts to serve the IMF's staff and its members more effectively, we invite seasoned cybersecurity professionals to our elite cybersecurity teams. We are looking for individuals with the requisite skills and expertise to address the current and forthcoming cybersecurity and business challenges faced by the IMF.**Job Summary**The Information Technology Department (ITD)’s Information Security and Governance (ISG) division of the International Monetary Fund (IMF) is seeking to fill a **Security Analyst/Senior Security Analyst (Cloud Security Assurance) position.**Under the general supervision of an information security assurance manager, the **Security Analyst/****Senior Security Analyst (Cloud Security Assurance)** will provide expertise with definition, design, engineering, and validation of security configuration of technology platforms in the cloud and on-premises.The candidate will be required to work with project teams, service providers, and business units internal and external to the Fund’s IT function. The candidate is expected to bring pragmatic on-premises and cloud security and risk management experience, allowing the Fund to meet its present and emergent business needs. The candidate is expected to advise and influence technology and business personnel regarding the value and methods of safeguarding information, applications, systems, infrastructure, and activities to help ensure that technologies function optimally; work practices are optimized so that the information risks are managed.**Minimum Qualifications**Education* Bachelor's degree in information security, computer science, engineering, mathematics, business, or related field of study plus a minimum of 10 years of relevant experience working in cloud security, assurance, or architecture roles; **OR*** Advanced degree in Information Security, computer science, engineering, mathematics, business, or related field of study plus a minimum of 4 years of relevant experience working in cloud security, assurance, or architecture roles.Certifications: (Minimum plus at least 2 preferred)CISSP or CISM (minimum required)Microsoft Certified: Azure Security Engineer Associate (minimum required)CCSP (preferred)Microsoft Certified: Cybersecurity Architect Expert (preferred)Microsoft Certified: Azure Solutions Architect Expert (preferred)Microsoft Certified: Azure Administrator Associate (preferred)Microsoft Certified: Azure DevOps Engineer Expert (preferred)Other Microsoft cloud security related certifications at the Expert level (preferred)GIAC cloud security related certifications (preferred)Technical Experience should include:* Proven track record delivering technical security assurance and engineering solutions, with hands-on experience in operational security for regulated environments, especially in Azure and Microsoft cloud platforms.* Multi-cloud security posture management and familiarity with tools like Wiz, Orca, Prisma Cloud, Microsoft Defender for Cloud, etc.* Extensive technical hands-on security experience across a broad range of Microsoft cloud services, including Azure IaaS/PaaS, Entra ID, Conditional Access Policies, PIM; Azure Policy and Defender for Cloud; Intune; Graph API, Azure Monitor and Microsoft Sentinel; Microsoft 365 security (Exchange Online, Teams, SharePoint/OneDrive), and other key components of the Microsoft security ecosystem such as Purview.* Advanced working knowledge (preferably previous hands-on experience) in:* Windows/Linux administration fundamentals, Firewalls, Active Directory/Entra hybrid concepts, and Azure networking (VNets, subnets, NSGs, Private Link, Application Gateway).* Zero Trust principles; Azure Firewall/WAF and cloud edge controls; SIEM/SOAR (Microsoft Sentinel preferred); familiarity with enterprise security tooling and NDR concepts.* Proficiency in PowerShell scripting to automate compliance checks, configuration, and reporting across Azure and Entra ID.* Deep expertise with Entra ID app registrations, OAuth 2.0/OIDC flows, delegated vs. application permissions, Graph API consent models, admin/user consent workflows, and permission governance.* Experience with Power Automate, Power Apps, Power BI, Data Factory* Demonstrates expertise in securing infrastructure, application and database components through tailored hardening approaches, employing modern tools and techniques to protect the full technology stack.* Hands-on experience with Infrastructure as Code (IaC) security scanning (e.g., Checkov, tfsec, etc.).* Securing Kubernetes clusters and containerized workloads (e.g., AKS, etc.).* Experience with serverless security (e.g., Azure Functions, etc.) and related risks.* Automation of security controls and compliance checks using scripting (Python, Bash, PowerShell).* Pragmatic security expert with an inherent ability to balance security demands with business reality. Demonstrates a commitment to continuous learning to stay current with the evolving cybersecurity landscape and to effectively apply security controls that support business goals. Strong knowledge of security solutions, emerging threats, and effective countermeasures.Required Soft Skills* Analytical skills that enable synthesis of inputs from many sources and allow for strategic thinking and tactical implementation.* Spoken and written communications that are compelling, convincing, and reassuring, and skills to articulate complex technical ideas to non-technical stakeholders.* Ability to think laterally and to have input to / propose detailed, complex solutions to technical issues.* Interpersonal skills that create openness and trust among colleagues.* Ability to work well under pressure and to meet tight deadlines. Demonstrates a high level of motivation, confidence, integrity, and responsibility.* Ability to be organized, responsive, and to be able to effectively multi-task with a focus on driving results.* Demonstrate excellent interpersonal and relationship management skills. This includes the ability to work independently, effectively in a team/task force as a team member or leader, and with senior staff and managers.* Ability to work well under pressure and to meet tight deadlines, whilst demonstrating a high level of motivation, confidence, integrity, and responsibility.* Excellent relationship management skills. Facilitation and conflict management skills that enable effective working relationships.**Major Duties and Responsibilities**Specific responsibilities include:* Senior individual contributor to provide cybersecurity assurance expertise for a broad range of IT initiatives with a focus on Microsoft Azure, Entra ID and hybrid cloud environments. This includes but is not limited to defining, guiding the engineering and validating implementation of technology agnostic security control standards, technology-specific configuration baselines (security hardening) and implementation guidelines for technology platforms (both cloud and on-prem) and services, with emphasis on automation for security configuration and posture management, policy-as-code (Azure Policy, Terraform).* Maintain impartiality around IT systems to produce unbiased reports on information security risk.* Conducts quality assurance reviews of security requirements and audit recommendations for the implementation of identified solutions.* Effectively communicates requirements and provides guidance to staff and stakeholders in different IT teams on appropriate security design and technical configuration of related controls on IT platforms throughout their lifecycle.* Works closely with IT project teams to develop and implement security controls for new and existing cloud services, including but not limited to Microsoft Azure, Entra ID and Microsoft 365 ecosystem.* As an advocate of information security, works closely and proactively with IT stakeholders, service providers, and business units to provide security-related technical solutions. Identifies opportunities to improve business practices or IT security-related processes, including automation, compliance, and secure integration.* Prioritizes, monitors, and assesses compliance and audit recommendation results to ensure they are comprehensive, robust, and of high quality.* Support Zero Trust initiatives, by promoting identity-centric access, device health posture, segmentation, and continuous verification across services.* Develops and maintains scripts and templates (e.g. PowerShell, Python, Azure Policy, Terraform) to perform compliance checks and generate reporting across Azure and Entra ID.* Supports logging and monitoring efforts, using Azure Monitor, Log Analytics (KQL), and Microsoft Sentinel.* Contributes to secure design, architecture and configuration of services such as Azure Kubernetes, Functions, APIM, Key Vault, etc., and Power Platform.* Designs and validates security configuration baselines for SaaS platforms (e.g., ServiceNow, Workday, Salesforce, etc.), ensuring alignment with organizational policies and compliance requirements.”* Other ad hoc responsibilities may include:* Support the information security assurance manager with audit and compliance initiatives such as the Fund's ISO 27001 certification, IT General Controls relevant for ICFR, internal and external audits, etc., promoting self-compliance to policies and standards by IT staff and managers. Keeps abreast of international standards, best practices and regulations in the areas of information security, artificial intelligence, and data privacy, and how these measures could affect information assets owned by, or administered on behalf of, the IMF.* Analyzes, recommends, and implements process improvements within the context of information security.This is a one-year contractual appointment. Contractual appointments at the IMF are renewable for up to four years of cumulative contractual service, pending incumbent's performance, budget availability, and continuous business need.
- J-18808-Ljbffr International Monetary Fund
Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Security Analyst/Senior Security Analyst (Cloud Security Assurance) - ITDSGGR (Contractual) in Washington DC vacancy
- ## Security Analyst/Senior Security Analyst (Infrastructure Security) - ITDSGGR (Contractual)Applylocations: USA, Washington DCtime type: Full timeposted... ...both on-premises and cloud infrastructures, to support... ...of an information security assurance manager, the **Security...CloudSenior
- ...International Monetary Fund is seeking a Security Analyst/Senior Security Analyst in Washington DC to... ...security and relevant experience in cloud services and risk management. An advanced... ...CISSP or CISM are preferred for this contractual position. #J-18808-Ljbffr...CloudSenior
- ...International Monetary Fund is seeking a Security Analyst/Senior Security Analyst for its ITD’s ISG... ...validating security configurations across cloud and on-premises platforms. Ideal... ...degree in a related field. The position is contractual with opportunities for renewal based...CloudSeniorContract work
- ...and translating requirements into actionable security plans. Our team supports cloud and on-premises security governance while ensuring... ...with technical and Government stakeholders. Senior Security Governance and Policy Analyst Serve as a principal security policy advisor...CloudSenior
- ...qualified applicants to apply. We are currently seeking a Senior Security Operations Analyst to support cybersecurity operations within a federal... ...alerting systems Log analysis across network, endpoint, and cloud environments Threat detection and monitoring tools...CloudSeniorFull timeLocal areaShift work
$166k - $220k
...Detection and Response team is looking for a Security Operations Analyst to be the watchtower for Anduril's... ...the detection engineering team. As a Senior SecOps Analyst, you will serve as an... ...not limited to, phishing, endpoints, cloud infrastructure and services, and SaaS...CloudSeniorRelocation package$140.5k
...designing and implementing security measures to meet the... ...risk and advises senior management on resilience... ...Information Security Analyst is a senior individual... ...against regulatory and/or contractual requirements. Provide... ...risk management, cloud security principles, and...CloudSeniorWork at officeRelocation$100k - $120k
...Clearance requirement. BRMi is seeking a Security Analyst to support cybersecurity operations,... ...management, compliance, and information assurance activities in support of NIH enterprise... ...reviews and technology evaluations. Support cloud security and modernization initiatives...CloudTemporary workLocal areaRemote workVisa sponsorshipWork visaBRMi
Bethesda, MD1 day ago- ...International Monetary Fund (IMF) is seeking a Security Analyst/Senior Security Analyst dedicated to Cloud Security Assurance. This pivotal role requires expertise in... ...IT initiatives. The position is a one-year contractual appointment based in Washington, DC. #J-188...CloudSenior
- ...private-sector and public-sector clients to help solve national security problems. Job Description Research, verify and document... ...Process, Certification and Accreditation Compliance, Information Assurance Vulnerability Management Compliance, Inspection Compliance Status...Senior
Qmulos
Washington DC6 hours ago $70 - $80 per hour
We are seeking a Senior Security Analyst / Vulnerability Management Lead to join our security compliance team. In this role, you will work closely... ....io, Nessus Manager, and Nessus scanners (on‑prem and cloud). Analyze, prioritize, and track remediation of vulnerabilities...CloudSeniorContract workTemporary workWork experience placement- ...cybersecurity challenges. Ideal candidates should have an active Top Secret clearance, 5-7 years of IT security experience, and a strong background in information assurance tools. Responsibilities include researching security controls, proposing security policies, and...Senior
- ...Description Dexian Government Solutions is recruiting for a Senior Security Governance and Policy Analyst to support our proposal effort for the DHS CIETS in... ...cybersecurity policy and guidance, experienced with cloud and on-premise environments, and experienced in...CloudSeniorContract workTemporary workLocal area
- ...Consultants (CTC, Inc.) is seeking a Senior Cybersecurity Operations Analyst 3 to support our customer onsite in... ...lifecycle IT, data analytics, cloud managed hosting services, agile software... ..., DevOps, Test Automation, Cyber Security, and infrastructure solutions. Additionally...CloudSeniorLong term contractLocal areaFlexible hours
- ...The opportunity As an Offensive Security Analyst on the Attack Surface Management team, you will play a key role in evaluating and reducing... ..., identifying vulnerabilities across web applications, APIs, cloud environments, networks, and infrastructure. This includes testing...CloudSummer holidayFlexible hours
Ernst & Young Oman
Washington DC3 days ago $155k - $220k
Koitecc Solutions is looking for a highly skilled AWS Cloud Assurance Manager in Washington, DC, to lead the design and execution of cloud security assurance programs. You will be responsible for establishing cloud security strategy and maintaining visibility into the business...CloudSenior- ...Security Operations Center (SOC) Analyst Washington, District of Columbia, United States About the job Security Operations Center (SOC) Analyst Job Description... ...) and security automation is a plus. Knowledge of cloud security and experience in monitoring cloud-based...Cloud
10xTalents
Washington DC1 day ago - ...Job Category: OPS \Employee Type: Exempt \Required Degree: 4 Year Degree \Travel Requirement: 100% \Description \ As a Senior Security Operations Analyst, you play a critical role in safeguarding our organization's digital assets. You lead efforts to detect, analyze, and...SeniorTemporary workLocal areaFlexible hours
Goebel Fixture Company
Washington DC4 days ago - Arlo Solutions, located in Arlington, VA, is seeking a skilled Law Enforcement & Security IT Technical Program Analyst to provide senior-level technical and program management support for Department of War initiatives. The ideal candidate will have expertise in LE and Security...Senior
$105k - $116k
...Information Security Analyst District Partners has been engaged by a well‑established trade association to identify an Information Security... ...collaborative technology team where security, infrastructure, and cloud operations work closely together to support the business....CloudPermanent employmentFull timeRemote workDistrict Partners
Arlington, VA3 days ago- Arlo Solutions LLC is seeking a Law Enforcement & Security IT Technical Program Analyst in Arlington, VA. You will provide expert technical and analytical... ...managing enterprise-level security programs, supporting senior leadership, and developing technical strategies. The...Senior
$116k - $175k
Applied Information Sciences is seeking a Principal Facility Security Officer in Washington, D.C. You will support the establishment of the Private Sector Clearance Program and ensure compliance with security directives. The ideal candidate will have extensive experience...Senior$116k - $175k
Applied Information Sciences, Inc is seeking a Principal Facility Security Officer in Washington, DC. This role involves supporting personnel security investigations and adjudication processes in a federal environment. Ideal candidates will have a Bachelor's degree and...Senior$110k - $140k
Ardent Eagle Solutions seeks a cybersecurity professional to perform security analysis at the NIGC HQ in Washington, DC. The ideal candidate will possess at least six years of experience in cybersecurity and threat monitoring, with the ability to obtain a U.S. Government...SeniorRemote job- Watermark Risk Management International is seeking a Program Security Representative II in Arlington, Virginia. This position involves providing multi-discipline security support for Special Access Programs and ensuring compliance with security policies. Ideal candidates...Senior
$90k - $117k
Mano Lani LLC is seeking a Financial Analyst III to provide advanced financial management and support to the DARPA Adaptive Capabilities Office. The role involves financial analysis, budget tracking, and program planning in a dynamic environment. Candidates should have...SeniorWork at office$116k - $175k
AIS (Applied Information Sciences) is seeking a Principal Facility Security Officer to support personnel security investigations for a federal client. The role ensures compliance with security and Intelligence Community requirements while analyzing investigative materials...Senior$147k - $164k
...Senior Information Security Analyst Position Title: Senior Information Security Analyst (Senior Level) Position Type: Full Time Employee Location: Arlington, VA (within 50 miles of ARNG Readiness Center, TARC) Clearance Requirement: Top Secret / SCI Eligible Salary Range...SeniorFull timeContract workEmerald Technical Solutions
Arlington, VA6 hours ago- Title: Security Analyst - Forensics & Malware Analysis Location: Chandler, AZ or Washington, DC Terms: Full-time Clearance: Active Secret... ..., or equivalent Experience analyzing Windows, Linux, and/or cloud‑based environments for signs of compromise and attacker activity...CloudFull timeWork experience placementFlexible hours
$110k - $160k
Defensive Security Analyst - Washington, DC Hybrid, Washington DC SpecterOps is looking for candidates to support Security Operations at a... ...Knowledge of operating and maintaining a SIEM Knowledge of cloud architectures, particularly AWS or Azure Experience with programming...CloudRemote workHome officeMonday to FridayFlexible hoursWeekend work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Security Analyst/Senior Security Analyst (Cloud Security Assurance) - ITDSGGR (Contractual). Be the first to apply!
Related searches
- security analyst remote Washington DC
- senior information security analyst Washington DC
- information security compliance analyst Washington DC
- security analyst intern Washington DC
- security analyst Washington DC
- national security analyst Washington DC
- application security analyst Washington DC
- IT security analyst Washington DC
- entry level information security analyst Washington DC
- cloud security analyst Washington DC