The World Bank is seeking a Security Engineering Analyst to manage high-visibility security incident responses within the Information Security Operations Center (ISOC). The ideal candidate will have strong technical and interpersonal skills to handle critical security incidents and will be available around the clock. Responsibilities include conducting thorough investigations, participating in all phases of the security incident response process, and maintaining technical proficiency in information security concepts. The role also involves collaboration with various teams and the development of incident response frameworks.
Candidate Requirements:
Bachelor’s or Master’s degree with 2 years of experience or equivalent
Minimum 5 years of Information Security experience, primarily in a SOC
Experience in high-impact incidents like ransomware and data leakage
Proficient in log analysis and forensic analysis
Understanding of network traffic from an Incident Response perspective
Do you want to build a career that is truly worthwhile? Working at the World Bank Group provides a unique opportunity for you to help our clients solve their greatest development challenges. The World Bank Group is one of the largest sources of funding and knowledge for developing countries; a unique global partnership of five institutions dedicated to ending extreme poverty, increasing shared prosperity and promoting sustainable development. With 189 member countries and more than 130 offices worldwide, we work with public and private sector partners, investing in groundbreaking projects and using data, research, and technology to develop solutions to the most urgent global challenges. For more information, visit www.worldbank.org
ITS Vice Presidency Context
The Information and Technology Solutions (ITS) Vice Presidential Unit (VPU) enables the World Bank Group to achieve its mission of ending extreme poverty and boost shared prosperity on a livable planet by delivering transformative information and technologies to its staff working in over 150+ locations. For more information on ITS, see this video: https://www.youtube.com/watch?reload=9&v=VTFGffa1Y7w
Unit Context
The ITS Information Security and Risk Management (ITSSR) unit, headed by the Chief Information Security Officer (CISO), is responsible for providing leadership in managing the functions and activities of information security and risk across the World Bank Group, enabling the achievement of WBG’s business objectives. ITSSR enables and facilitates a risk aware culture, ensures that WBG information assets are protected in an effective, efficient, and balanced manner; and IT security and risk management efforts throughout the World Bank Group are coordinated and aligned to the Bank's business and IT strategy. ITSSR establishes and maintains the World Bank Group's IT and InfoSec policies and standards; develops and engineers the WBG’s information security plans and solutions; responds to security incidents; and ensures that the information risks are identified, assessed, and managed in consistent with the overall risk management approach and with the established appetite and tolerance. ITSSR consists of three main units: 1) ITS Risk Management, Compliance, and Policy, 2) ITS Information Security Engineering and Operations (ITSIS), and 3) Program Management Office (PMO).
Duties and Accountabilities:
ITSIS is seeking to fill the position of Security Engineering Analyst within the ISOC. The successful candidate will be responsible for managing high-visibility security incident responses. The ideal candidate will possess the necessary technical and interpersonal skills to handle high-impact incidents. We are looking for an incident responder who thrives under intense pressure and is committed to round-the-clock availability to swiftly identify, contain, and remediate critical security incidents. This role demands immediate response to potential breaches, requiring exceptional problem-solving abilities and the capacity to work effectively during off-hours. In addition to applied experience, the individual will bring excellent problem solving, communication and teamwork skills, along with agile ways of working, strong business insight, an inclusive leadership attitude and a continuous learning focus.
Scope of Work
• Provide Information Security Operations Center (ISOC) support on a 24x7x365 basis by shift work with rotation
• Review information security alerts from various sources and based on the classification and its impact would prioritize the alerts and assign to the respective teams within Information Security Office.
• Conduct thorough investigative actions based on security events and remediate as dictated by standard operating procedures
• Participate in all the phases of security incident response process, including detection, containment, eradication, and post-incident reporting.
• Record detailed Security Incident Response activities in the Case Management System.
• Use Security information and event management (SIEM) capabilities to develop alerts to detect anomalies.
• Assist in developing and setting up frameworks for developing Security incident response.
• Assist developing and maintaining ISMS procedures (related to ISOC) for complying with global ISMS policy defined by the organization.
• Maintain technical proficiency in information security concepts and related technologies through on the job training, performing individual research and attending training courses as necessary.
• Undertake knowledge sharing and training activities on various monitoring tools and remediation techniques on periodic basis.
• Develop periodic status reports and monthly metrics for reporting purposes.
• Support R&D lab using virtual machines and monitor open-source security research news, contribute to control testing and strengthening.
• Experience in threat hunting in a diverse log and tool environment. The role requires the person to be able to manage threat hunting work program not limited to scoping, tooling and reporting metrics.
• Perform detailed analysis of attacks against web infrastructure. This includes identification of malicious code within URLs, collection of malicious plugins and/or exploits' payload. Able to identify exploit and exploit tools involved in attacks. Able to identify packing techniques used to obfuscate URLs. Able to look at return traffic from exploitation activity looking for successful exploitation.
• Respond to High impact incident like ransomware, major compromise, internal threats, third parties, and data leakage.
• Perform log analysis, analyze large datasets, forensic analysis and create reports.
• Create and deliver data driven reports and presentations for management and other stakeholders.
• Liaison with threat hunting, infrastructure, IT, vulnerability management, threat intelligence and software engineer team members.
• Conduct forensic examinations that include collection, preservation and analysis of data and systems.
• Support creation and delivery of incident response tabletop exercises designed to identify gaps, improve skills, enhance communication and engage with key stakeholders.
• Perform other duties as assigned.
Selection Criteria
• Bachelor’s or Master’s degree with 2 years of experience or equivalent combination of education and experience (for example, in the IT field: Bachelor’s Degree with a minimum of 1 year of related work experience).
• Minimum 5 years of Information Security experience required with majority of time in a SOC.
• Experience in investigations including, but not limited to, end-user hosts, servers, network infrastructure, mobile devices, peripherals and application systems.
• Experience in working on High impact incident like ransomware, major compromise, internal threats, third parties, and data leakage.
• Experience in log analysis, ability to analyze large datasets, create reports, perform forensic analysis.
• Experience in building and maintaining tools, processes, and capabilities for log analysis, ensuring the provision of data to incident stakeholders in an easy and scalable manner.
• Understanding of network traffic and be able to analyze network traffic from an Incident Response perspective.
• Past exposure to handle malware and financial crime malware related incidents.
• Familiarity with industry-standard processes defined for systems design, database design, development, testing, and integration phases of a project, including Agile-based implementations.
• Experience working in Agile environments, participating in Agile ceremonies, and utilizing Agile methodologies for security operations and threat investigations.
• Knowledge of common hacking tools and techniques
• Client Understanding and Advising - Looks at issues from the client’s perspective and takes action beyond normal expectations to ensure client satisfaction.
• Learning Orientation - Stays abreast of new trends and developments in own specialty area, the broader industry, and exposes self to increasingly more challenging projects and opportunities to learn.
• Broad Business Thinking - Maintains an in-depth understanding of the long term implications of decisions both for department and the client’s business. Ensures that decisions are supported by relevant stakeholders as well as sound performance data.
• Compliance with Standards - Monitors and maintains records on requests for information and assistance.
• Knowledge of Emerging Technology - Tests new technology to evaluate capability compared to specifications.
WBG Culture Attributes:
1. Sense of urgency: Anticipate and quickly respond to the needs of internal and external stakeholders. 2. Thoughtful risk-taking: Challenge the status quo and push boundaries to achieve greater impact. 3. Empowerment and accountability: Empower yourself and others to act and hold each other accountable for results.
The World Bank Group offers comprehensive benefits, including a retirement plan; medical, life and disability insurance; and paid leave, including parental leave, as well as reasonable accommodations for individuals with disabilities.
We are proud to be an equal opportunity and inclusive employer with a dedicated and committed workforce, and do not discriminate based on gender, gender identity, religion, race, ethnicity, sexual orientation, or disability.
Learn more about working at the World Bank and IFC including our values and inspiring stories.
At Impactpool we do our best to provide you the most accurate info, but closing dates may be wrong on our site. Please check on the recruiting organization's page for the exact info. Candidates are responsible for complying with deadlines and are encouraged to submit applications well ahead.
Before applying, please make sure that you have read the requirements for the position and that you qualify. Applications from non-qualifying applicants will most likely be discarded by the recruiting manager.
Summary by Impactpool
The World Bank is seeking a Security Engineering Analyst to manage high-visibility security incident responses within the Information Security Operations Center (ISOC). The ideal candidate will have strong technical and interpersonal skills to handle critical security incidents and will be available around the clock. Responsibilities include conducting thorough investigations, participating in all phases of the security incident response process, and maintaining technical proficiency in information security concepts. The role also involves collaboration with various teams and the development of incident response frameworks.
Candidate Requirements:
Bachelor’s or Master’s degree with 2 years of experience or equivalent
Minimum 5 years of Information Security experience, primarily in a SOC
Experience in high-impact incidents like ransomware and data leakage
Proficient in log analysis and forensic analysis
Understanding of network traffic from an Incident Response perspective
Show World Bank Group that you are interested in them
Recruiters from the organization will be able to view your profile, contact you for current & future vacancies and engage you on opportunities that match your skills and interest.
