Apply for Vacancy for IT Officer at The World Bank in Bulgaria. The deadline for this job is 10th May 2021.

Description:

Information and Technology Solutions (ITS) enables the WBG to achieve its mission of ending extreme poverty and promote shared prosperity in a sustainable way by delivering transformative information and technologies to its staff working in over 150 locations.

Functions:

• Work with project teams to define security requirements for new systems in line with the enterprise information security architecture.
• Also, provide security design recommendations based on enterprise information security architecture and solution patterns.
• Review or develop security-as-code in JSON or YAML format, e.g. AWS cloud formation template, Azure Resource Manager.
• Likewise, provide guidance on the design and use of DevSecOps pipelines and use of security tools in such agile development methods.
• Perform controls reviews and system assessments to develop risk profiles for IT systems and evaluate the efficiency and effectiveness of the IT control environment.
• Moreover, maintain impartiality around IT systems to produce unbiased reports on information security risk.
• Provide business units with recommendations to reduce information security risk within their areas.
• Additionally, identify efficiencies to improve the performance and responsiveness of the ITSSR information security architecture function.
• Prepare and present security design and architectural review reports to system owners, business units, and other.
• Similarly, evaluate WBG current software security posture and propose mitigation and remediation plans to meet software security assurance requirements.
• Translate technical security deficiencies into business risks that are understandable by business stakeholders in order to get buy-in for security investments.

Selection Criteria

Educational Qualifications and Experience:

• Master’s degree with 5 years relevant experience or Bachelor’s Degree with a minimum of 7 years relevant experience. Sample degrees include: Computer Science, Library Science, Information Management or Information Systems.
• Also, preferred 7+ years of role-specific experience.
• Experience in providing guidance for application security, risk assessment, and data protection based on data sensitivity and associated business risks.
• Likewise, experience with enterprise security architecture design and implementation for a financial services organization or other organizations with similar information security needs and requirements.
• Experience in developing and reviewing security-as-code in AWS, Azure, or other similar platforms.
• Furthermore, experience in working with DevSecOps pipeline from the security perspective.
• Familiar with Microsoft, Azure, and Office 365 technology platforms, applications, and security controls for such Microsoft technologies.
• Also, experience guiding project team remediating such vulnerabilities.

Abilities:

• Extensive knowledge of IT, enterprise architecture, software development life cycle, and information security platforms and applications.
• Also, ability to work well under pressure and meet tight deadlines.
• High level of motivation, confidence, integrity, and responsibility.
• Likewise, knowledge of best practices and standards for enterprise security architecture, specifically in the field of Identity & Access Management, Enterprise Content Management, Collaboration Tools, Service-Oriented Architecture, Cloud, Mobility, Data Analytics, and Web 2.0 related services.
• Likewise, practical knowledge of common Web vulnerabilities as per SANS 25 or OWASP Top 10 specifications.

Visit oyaop.com for more job opportunities.