Apply for Vacancy for IT Officer at The World Bank in Bulgaria. The deadline for this job is 10th May 2021.
Information and Technology Solutions (ITS) enables the WBG to achieve its mission of ending extreme poverty and promote shared prosperity in a sustainable way by delivering transformative information and technologies to its staff working in over 150 locations.
- Work with project teams to define security requirements for new systems in line with the enterprise information security architecture.
- Also, provide security design recommendations based on enterprise information security architecture and solution patterns.
- Review or develop security-as-code in JSON or YAML format, e.g. AWS cloud formation template, Azure Resource Manager.
- Likewise, provide guidance on the design and use of DevSecOps pipelines and use of security tools in such agile development methods.
- Perform controls reviews and system assessments to develop risk profiles for IT systems and evaluate the efficiency and effectiveness of the IT control environment.
- Moreover, maintain impartiality around IT systems to produce unbiased reports on information security risk.
- Provide business units with recommendations to reduce information security risk within their areas.
- Additionally, identify efficiencies to improve the performance and responsiveness of the ITSSR information security architecture function.
- Prepare and present security design and architectural review reports to system owners, business units, and other.
- Similarly, evaluate WBG current software security posture and propose mitigation and remediation plans to meet software security assurance requirements.
- Translate technical security deficiencies into business risks that are understandable by business stakeholders in order to get buy-in for security investments.
Educational Qualifications and Experience:
- Master’s degree with 5 years relevant experience or Bachelor’s Degree with a minimum of 7 years relevant experience. Sample degrees include: Computer Science, Library Science, Information Management or Information Systems.
- Also, preferred 7+ years of role-specific experience.
- Experience in providing guidance for application security, risk assessment, and data protection based on data sensitivity and associated business risks.
- Likewise, experience with enterprise security architecture design and implementation for a financial services organization or other organizations with similar information security needs and requirements.
- Experience in developing and reviewing security-as-code in AWS, Azure, or other similar platforms.
- Furthermore, experience in working with DevSecOps pipeline from the security perspective.
- Familiar with Microsoft, Azure, and Office 365 technology platforms, applications, and security controls for such Microsoft technologies.
- Also, experience guiding project team remediating such vulnerabilities.
- Extensive knowledge of IT, enterprise architecture, software development life cycle, and information security platforms and applications.
- Also, ability to work well under pressure and meet tight deadlines.
- High level of motivation, confidence, integrity, and responsibility.
- Likewise, knowledge of best practices and standards for enterprise security architecture, specifically in the field of Identity & Access Management, Enterprise Content Management, Collaboration Tools, Service-Oriented Architecture, Cloud, Mobility, Data Analytics, and Web 2.0 related services.
- Likewise, practical knowledge of common Web vulnerabilities as per SANS 25 or OWASP Top 10 specifications.
Visit oyaop.com for more job opportunities.