Job
Description
Role Overview: As an IT Analyst specializing in Security, Risk, and Compliance at the World Bank, you will play a crucial role in managing high-visibility security incident responses. Your responsibilities will include swiftly identifying, containing, and remediating critical security incidents, working under intense pressure and round-the-clock availability. You will be expected to participate in all phases of the security incident response process, record detailed activities in the Case Management System, develop security incident response frameworks, and maintain technical proficiency in information security concepts and technologies. Key Responsibilities: - Provide Information Security Operations Center (ISOC) support on a 24x7x365 basis through shift work with rotation - Review information security alerts, prioritize based on impact, and assign to respective teams within the Information Security Office - Conduct investigative actions based on security events and follow standard operating procedures for remediation - Participate in all phases of security incident response process, including detection, containment, eradication, and reporting - Record detailed Security Incident Response activities in the Case Management System - Utilize Security Information and Event Management (SIEM) capabilities to develop alerts for anomaly detection - Assist in developing frameworks for security incident response and maintaining ISMS procedures for compliance - Maintain technical proficiency in information security concepts and technologies through training and research - Develop status reports, metrics, and support R&D lab activities using virtual machines - Respond to high-impact incidents such as ransomware, major compromises, internal threats, and data leakage - Perform log analysis, forensic analysis, and create data-driven reports and presentations - Liaise with various teams for threat hunting, infrastructure, vulnerability management, and incident response exercises Qualification Required: - Bachelor's degree in computer science, information technology, systems engineering, or related field - Minimum 5 years of Information Security experience, with significant time in a SOC - Experience in investigations, log analysis, forensic analysis, and handling high-impact security incidents - Familiarity with Agile environments and methodologies for security operations - Knowledge of common hacking tools and techniques Additional Company Details (if present): The World Bank Group is a global partnership of five institutions dedicated to ending extreme poverty, increasing shared prosperity, and promoting sustainable development. With 189 member countries and over 130 offices worldwide, the organization works with public and private sector partners to invest in groundbreaking projects and develop solutions to urgent global challenges. The Information and Technology Solutions (ITS) Vice Presidency at the World Bank Group aims to deliver transformative information and technologies to staff working in over 150 locations to achieve the mission of ending extreme poverty and boosting shared prosperity. The ITS Information Security and Risk Management unit is responsible for managing information security and risk functions across the organization to protect information assets effectively and ensure alignment with the Bank's business and IT strategy. Role Overview: As an IT Analyst specializing in Security, Risk, and Compliance at the World Bank, you will play a crucial role in managing high-visibility security incident responses. Your responsibilities will include swiftly identifying, containing, and remediating critical security incidents, working under intense pressure and round-the-clock availability. You will be expected to participate in all phases of the security incident response process, record detailed activities in the Case Management System, develop security incident response frameworks, and maintain technical proficiency in information security concepts and technologies. Key Responsibilities: - Provide Information Security Operations Center (ISOC) support on a 24x7x365 basis through shift work with rotation - Review information security alerts, prioritize based on impact, and assign to respective teams within the Information Security Office - Conduct investigative actions based on security events and follow standard operating procedures for remediation - Participate in all phases of security incident response process, including detection, containment, eradication, and reporting - Record detailed Security Incident Response activities in the Case Management System - Utilize Security Information and Event Management (SIEM) capabilities to develop alerts for anomaly detection - Assist in developing frameworks for security incident response and maintaining ISMS procedures for compliance - Maintain technical proficiency in information security concepts and technologies through training and research - Develop status rep
