Security Analyst/Senior Security Analyst (Technical cyber risk management) - ITDSGGR (Contractual)
International Monetary Fund
- # Security Analyst/Senior Security Analyst (Technical cyber risk management) - ITDSGGR (Contractual)Applylocations: USA, Washington DCtime type: Full timeposted on: Posted Yesterdaytime left to apply: End Date: July 9, 2026 (13 days left to apply)job requisition id: 25-R8629Work for the IMF. Work for the World. **This position is being readvertised. Previous Candidates need not reapply.****Organizational Background**The Information Technology Department (ITD) at the IMF is more than just a support function; it is a critical catalyst for change. We champion the seamless integration of cutting-edge technology solutions, ensuring the IMF's mission is propelled by innovation and efficiency.Within the IT department, the Information Security and Governance (ISG) division and other first-line cybersecurity teams stand as guardians of integrity and a beacon of trust. We are not just about managing risks; we are about envisioning, enabling, and implementing a secure future for global economic stability. Our teams are dedicated to:* Crafting and executing a forward-thinking and resilient Cybersecurity Strategy.* Enacting inclusive governance that balances security needs with operational fluidity.* Developing policies and standards that stay ahead of the threat landscape.* Ensuring compliance, resilience, and agility in our cybersecurity posture.* Engaging in relentless evaluation, management, and tracking of cybersecurity and digital risks linked to the utilization of the IMF’s information assets, ensuring a secure operational framework.* Continuously enriching our annual information security culture, awareness, and education initiative, fostering a security-conscious environment across the organization.* Administering a compliance management program dedicated to maintaining firm adherence to the IMF's information security policies and standards.* Preserving a solid enterprise security reference architecture that acts as a safeguard for the IMF's information assets against pertinent threats.* Engineering, implementing, and sustaining secure and resilient technological solutions, spanning both on-premises and cloud infrastructures, to support the IMF's mission.* Overseeing cyber threat intelligence, incident management, digital forensics, and investigations, alongside championing innovation in cybersecurity practices to achieve operational excellence and deliver value promptly.As we expand our efforts to serve the IMF's staff and its members more effectively, we invite seasoned cybersecurity professionals to our elite cybersecurity teams. We are looking for individuals with the requisite skills and expertise to address the current and forthcoming cybersecurity and business challenges faced by the IMF.**Job Summary**The Information Technology Department (ITD)’s Information Security and Governance (ISG) division of the International Monetary Fund (IMF) is seeking to fill **4** **Security Analyst/Senior Security Analyst (Technical cyber risk management)** positions.Under the general supervision of an information security risk manager, the **Security Analyst****/Senior Sec****urity Analyst (Technical cyber risk management)** will provide expertise with security risk management and assessment of:* Azure cloud services (including but not limited to capabilities for IAM, Network Security, Policy Management, Key Management, etc.)* IT Products, platforms, and services (cloud and non-cloud)* Solutions with complex hybrid architectures* Identity and Access Management GovernanceThe candidate will be required to work with project teams, service providers, and business units internal and external to the Fund’s IT function. The candidate is expected to bring pragmatic cloud security and risk management experience, allowing the Fund to meet its present and emergent business needs. The candidate is expected to advise and influence technology and business personnel regarding the value and methods of safeguarding information, applications, systems, infrastructure, and activities to help ensure that technologies function optimally; work practices are optimized so that the information risks are managed.**Minimum Qualifications**EducationBachelor's degree in information security, computer science, engineering, mathematics, business, or related field of study plus a minimum of 10 years of relevant experience working as a technical information security risk manager or information security architect;**OR**Advanced degree in Information Security, computer science, engineering, mathematics, business, or related field of study plus a minimum of 4 years of relevant experience working as a technical information security risk manager or information security architect.Certifications: (Minimum plus at least 2 preferred)CISSP or CISM (minimum required)CCSP (preferred)Microsoft Certified: Cybersecurity Architect Expert (preferred)Other Microsoft cloud security related certifications at the Expert level (preferred)GIAC certifications (preferred)Offensive security related certifications (preferred)Experience must include:Prior work in a technical cybersecurity risk management function at organizations with security related regulatory requirements.Practical use of risk management concepts and principles - including assessment, prioritization, delivery of treatment plans, tracking and reporting, and metrics (accreditation and certification). Experience with NIST-SP800-30, ISO 27001/2, ISO 27005, COBIT.Embedding security into processes such as SDLC, Project Lifecycle, ITIL, etc.Demonstrated cybersecurity expertise with infrastructure, applications, and database system technologies.Basic IT consultancy skills. Ability to consult and deliver on the security hardening of application and infrastructure components, including tools, and techniques to ensure the security of application, database, and infrastructure components.Pragmatic security expert with an inherent ability to balance security demands with business reality. Ability to quickly grasp how new technologies work and how security controls should be applied to achieve business goals.Familiarity with a broad range of security technologies supplemented by in-depth knowledge in specific areas of relevance.Ability to quickly grasp how new technologies work and how they might be applied to achieve business goals.Knowledge of security solutions, latest threats, and countermeasures.Required Soft SkillsAnalytical skills that enable synthesis of inputs from many sources and allow for strategic thinking and tactical implementation.Spoken and written communications that are compelling, convincing, and reassuring, and skills to articulate complex technical ideas to non-technical stakeholders.Ability to think laterally and to have input to / propose detailed, complex solutions to technical issues.Interpersonal skills that create openness and trust among colleagues.Ability to work well under pressure and to meet tight deadlines. Demonstrates a high level of motivation, confidence, integrity, and responsibility.Ability to be organized, responsive and to be able to effectively multi-task with a focus on driving results.Demonstrate excellent interpersonal and relationship management skills. This includes the ability to work independently, effectively in a team/task force as a team member or leader, and with senior staff and managers.Ability to work well under pressure and to meet tight deadlines, whilst demonstrating a high level of motivation, confidence, integrity, and responsibility.Excellent relationship management skills. Facilitation and conflict management skills that enable effective working relationships.**Major Duties and Responsibilities**Specific responsibilities include:Senior individual contributor for information security risk management projects. Sample projects/programs could include but are not limited to:* Control design and assessment for high-demand technical areas such as ERP, IT Service Management, Identity and Access Management, IT Resiliency, Cloud, etc.* Compliance framework mapping and implementation,* Risk remediation management,* Information Security risk reporting and monitoring* Creation of road maps to mature or advance Information Security Strategies/Programs/Controls* Design and enablement of cyber controls functions and processes* Direct experience as a power user of Cybersecurity GRC/ solutions, tools, and technologies, specifically ServiceNow and Archer* Projects or roles requiring coordination across lines of defense working with technical, business, compliance, risk, and audit teams to deliver solutions.Delivery of information security risk assessments for large-scale IT implementation projects including consulting with security architecture function for threat modeling, appropriate tiering of N tier products/platforms, design of infrastructure security controls to protect system components.Practical use of risk management concepts and principles - including assessment, prioritization, delivery of treatment plans, tracking and reporting. Experience with NIST-SP800-30, ISO 27001/2, ISO 27005, COBIT.Consult and review the implementation of authentication, authorization (fine grained and coarse grained), and cryptography (PKI, SSL, Kerberos, crypto algorithms) mechanisms within applications.Consult with security assurance function on the delivery of technical security standards, configuration baselines and related procedures for the hardening of both cloud and non-cloud application and infrastructure components, tools, and techniques to ensure the security of application and infrastructure components such as LINUX/Windows servers, Web servers (IIS, Apache, tomcat), app servers, Databases (Oracle and MS SQL), endpoints (MAC, Windows, Apple IOS, etc.), and Web Application Firewalls.Collaborate with other security functions e.g., security architecture, security assurance, offensive security team (red/purple team), application security penetration testing team, to review and apply appropriate risk levels to the output of the assessments performed by the functions.Maintain impartiality around IT systems to produce unbiased reports on information security risk.Works closely with IT project teams to develop implementation plans for new security-related products and services.Conducts quality assurance reviews of security requirements for the implementation of identified solutions.Define/enhance process and procedures for using external security service providers including scoping, management of services, remediation tracking, and exception management.Effectively communicates requirements and trains staff and managers in IT divisions to identify and manage risks throughout the project lifecycle.Where applicable, manages the engagement process of external risk assessment providers and acts as a liaison with internal IT project teams and business units.As an advocate of information security, works closely and proactively with IT project team leaders, service providers, and business units to provide security-related technical solutions. Identifies opportunities to improve business practices or IT security-related processes.Other ad hoc responsibilities may include:* Analyzes, recommends, and implements process improvements within the context of information security.* Support governance activities for Identity and Access Management, where requested.This is a one-year contractual appointment. Contractual appointments at the IMF are renewable for up to four years of cumulative contractual service, pending incumbent's performance, budget availability, and continuous business need.**Department:**ITDSG Information Technology Department Information Security & Governance**Hiring For:**A11, A12*The IMF is guided by the principle that the employment, classification, promotion, and assignment of staff shall be made without discrimination against any person. We welcome requests for reasonable accommodations for disabilities during the selection process. Information on how to request accommodations will be provided during the application process.*
- J-18808-Ljbffr International Monetary Fund
Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Security Analyst/Senior Security Analyst (Technical cyber risk management) - ITDSGGR (Contractual) in Washington DC vacancy
- ## Security Analyst/Senior Security Analyst (Infrastructure Security) - ITDSGGR (Contractual)Applylocations: USA, Washington DCtime... ...not just about managing risks; we are about... ...mission.* Overseeing cyber threat intelligence... ...in delivering technical security assurance...CyberSenior
- ...International Monetary Fund is seeking a Security Analyst/Senior Security Analyst in Washington DC... ...efforts. This role involves managing technical cyber risks, compliance, and governance while... ...or CISM are preferred for this contractual position. #J-18808-Ljbffr...CyberSenior
$147k - $164k
...Senior Information Security Analyst Position Title: Senior Information Security... ...Overview Emerald Technical Solutions is seeking... ...supporting the ARNG Regional Cyber Center (RCC)... ...operations, SOC management, and incident response... ...orchestration Compliance & Risk Management Support...CyberSeniorFull timeContract workEmerald Technical Solutions
Arlington, VA4 hours ago$60k - $130k
Watermark Risk Management International is seeking a Physical Security Analyst to assist the U.S. Coast Guard in providing policy and security support for critical... ...along with physical security expertise and strong technical writing skills. The position offers an...Senior$166k - $220k
...software, space, and cyber domains. We\'re the architects... ...most urgent national security needs. By working... ...seeking a talented Technical Program Manager to join our rapidly... ...division objectives. Risk Management: Identify... ...program alignment with contractual obligations and...CyberSeniorFull timeFor contractorsWork experience placementRelocation package- ...qualified applicants to apply. We are currently seeking a Senior Security Operations Analyst to support cybersecurity operations within a federal... ...and monitoring tools Demonstrated experience in: Daily cyber monitoring and alert triage Incident response execution...CyberSeniorFull timeLocal areaShift work
- Watermark Risk Management International is seeking a Program Security Representative II in Arlington, Virginia. This position involves providing multi-discipline security support for Special Access Programs and ensuring compliance with security policies. Ideal candidates...Senior
- ...International Monetary Fund is seeking a Security Analyst/Senior Security Analyst for its ITD’s ISG... ...years of relevant experience, robust technical skills in cybersecurity, and a... ...in a related field. The position is contractual with opportunities for renewal based...SeniorContract work
$70 - $80 per hour
We are seeking a Senior Security Analyst / Vulnerability Management Lead to join our security compliance... ...infrastructure and communicate risk posture and remediation... ...degree in computer science, cyber security, engineering, or a related technical field. Additional experience...CyberSeniorContract workTemporary workWork experience placement- ARMADA, Ltd. is seeking a Physical Security Analyst in Washington, DC, to provide expert support for physical security policy development and risk management at a military service headquarters level. The role involves collaborating with stakeholders to protect personnel...SeniorFull timeWork at office
- ...Description ProSidian is a Management And Operations... .../solutions for Risk Management |... ...Seeks a Information Security Analyst (FISMA/NIST) |... ...and listed under a Senior Consultant Labor... ...(functional and technical area expertise also... ...Bachelor’s IT/Cyber. 5+ years security...CyberFull timeContract workTemporary workFor contractorsH1bWork at officeFlexible hours
$62k - $141k
...Cyber threats are evolving, and perimeter security and automated protection aren’t enough—it... ...them. Systems Security Analyst We’re looking for a... ...with eMASS or Xacta IA Manager Ability to perform risk analysis Top Secret... ...Experience with DoD security technical implementation guides...CyberLocal areaBooz Allen Hamilton
Arlington, VA15 hours ago- ...Information System Security Analyst to join our IT... ...systems from evolving cyber threats. The... ...Information and Event Management (SIEM) tools.... ...antivirus systems. Risk Assessment:... ...to management and senior IT staff. Training... ...security metrics for technical and non-technical...Cyber
TLA Inc
Washington DC15 hours ago - ...accomplished Information Security expert and have experience... ...a Security Remediation Analyst who Provides hands‑on technical expertise and is engaged... ...by federal and contract management, and be expected to perform... ...landscape (threat actors, APY, cyber‑crime, etc.)...CyberContract workWork experience placementFlexible hours
- Arlo Solutions, located in Arlington, VA, is seeking a skilled Law Enforcement & Security IT Technical Program Analyst to provide senior-level technical and program management support for Department of War initiatives. The ideal candidate will have expertise in LE and...Senior
- ...Solutions LLC is seeking a Law Enforcement & Security IT Technical Program Analyst in Arlington, VA. You will provide expert... ...relevant experience. This role involves managing enterprise-level security programs, supporting senior leadership, and developing technical strategies...Senior
- ...Technology, Information management, Information... ...us to provide IT security support for a wide... ...Information System Security Analyst duties include:... ...of NIST SP 800-37 Risk Management... ...validation and root cause Technical support in the... ...Familiarity with Cyber Security...CyberContract workWork experience placementWork at office
- ...clients to help solve national security problems. Job Description... ...Information Assurance Vulnerability Management Compliance, Inspection... ...information to advise on the risk and remediation of security issues... ...analytical, scientific, or technical disciplines) 5-7 years...Senior
Qmulos
Washington DC5 hours ago - Summary Security Operations Center Analyst II (SOC) Arlington, VA Responsibilities Monitor all... ...Perform event and incident management in accordance with established... ...commercial or government clients. Cyber threat capabilities and technical capabilities to defend...Cyber
$81.85k - $110k
...a 2nd shift (3pm - 11:30pm) Security Analyst to support the US Courts in... ...and understanding of current cyber threats and adversaries. Develops... ...professionals Leverages technical knowledge of computer... ...conducted via video with the hiring manager and/or team Camera must be...CyberFull timeCurrently hiringMonday to FridayFlexible hoursAfternoon shift$69.55k - $125.73k
...currently has an opening for a Mid‑Level Cyber Security Analyst to provide a full range of cyber... ...sensitive environment Collaborate with technical and threat intelligence analysts to provide... ...potential security incidents Create, manage, and dispatch incident tickets...CyberLong term contractPermanent employmentFull timeWork experience placementImmediate start$105k - $125k
...5,000.00 Title: Information Security Analyst III (Mid) Clearance Type: None... ...reports, and briefings for senior leadership and operational... ...materials for senior leadership and technical stakeholders. Present... ...awareness of global events, cyber threats, military developments...CyberFull time- ...Nightwing provides technically advanced full-spectrum cyber, data operations, systems integration... ...Nightwing is seeking a Cloud Security Analyst to support this critical... ...focuses on cloud security posture management, compliance validation, and risk mitigation for cloud-enabled...CyberContract workLocal areaImmediate start
Nightwing
Arlington, VA3 days ago $138k - $155k
Information Security Analyst (Mid-Level / Journeyman) Position Title: Information Security Analyst... ...award Position Overview Emerald Technical Solutions is seeking a mid-level (Journeyman... ...in direct support of the ARNG Regional Cyber Center (RCC-ARNG). The ideal candidate...CyberFull timeContract work- ...and translating requirements into actionable security plans. Our team supports cloud and on-... ...communication, compliance, and collaboration with technical and Government stakeholders. Senior Security Governance and Policy Analyst Serve as a principal security policy...Senior
$161.5k - $233.45k
Senior Cyber‑Supply Chain Risk Management Specialist Company: The Boeing Company Locations... ...engineering, compliance, security, and supply‑chain teams... ...skills; ability to translate technical control evidence into... ...and operationalizing contractual obligations into workstreams...CyberSeniorContract workFlexible hoursShift work$86.8k - $198k
...R0242155 Systems Security Analyst The Opportunity As... ...mitigate identified risks. This is an... ...inform operators and senior leadership or commanders... ...critical global cyber missions, this is... ...eMASS or Xacta IA Manager Ability to... ...with DoD security technical implementation guides...CyberFull timeContract workPart timeWork at officeLocal areaRemote workWorldwide$60k - $130k
...Subject Matter Experts specializing in security and risk management. We’re intimately familiar with DOD... ...people come first! Industrial Security Analyst In this role you will be a part of... ...Management Demonstrated customer service, technical writing and editing, and...Contract workFor contractorsLocal areaWorldwide- ...(CTC, Inc.) is seeking a Senior Cybersecurity Operations Analyst 3 to support our customer... ...IT, data analytics, cloud managed hosting services, agile... ...DevOps, Test Automation, Cyber Security, and infrastructure solutions... ...threat reports to inform risk management decisions....CyberSeniorLong term contractLocal areaFlexible hours
- Senior Security Operations Analyst We are seeking a Senior Security Operations Analyst to provide on‑demand... ...data. They analyze security events, manage incident response, and help implement... ...the NIGC mission, they also provide technical expertise to strengthen the agency’s...SeniorFull timePart time
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Security Analyst/Senior Security Analyst (Technical cyber risk management) - ITDSGGR (Contractual). Be the first to apply!
Related searches
- security analyst remote Washington DC
- senior information security analyst Washington DC
- information security compliance analyst Washington DC
- security analyst intern Washington DC
- security analyst Washington DC
- national security analyst Washington DC
- application security analyst Washington DC
- IT security analyst Washington DC
- entry level information security analyst Washington DC
- cloud security analyst Washington DC