Do you want to build a career that is truly worthwhile? Working at the World Bank Group provides a unique opportunity for you to help our clients solve their greatest development challenges. The World Bank Group is one of the largest sources of funding and knowledge for developing countries; a unique global partnership of five institutions dedicated to ending extreme poverty, increasing shared prosperity and promoting sustainable development. With 189 member countries and more than 120 offices worldwide, we work with public and private sector partners, investing in groundbreaking projects and using data, research, and technology to develop solutions to the most urgent global challenges.
Information and Technology Solutions (ITS) enables the WBG to achieve its mission of ending extreme poverty and promote shared prosperity in a sustainable way by delivering transformative information and technologies to its staff working in over 150 locations.
Our vision is to transform how the Bank Group accomplishes its mission through information and technology. In this fast-paced, ever-changing world, the formulation and implementation of the ITS strategy is an ongoing, iterative process of learning and adaptation developed through extensive consultations with business partners throughout the World Bank Group.
ITS shapes its strategy in response to changing business priorities and leverages new technologies to achieve three high-level business outcomes: business enablement, by providing Bank Group units with innovative digital tools and technologies to transform how they deliver value for their clients; empowerment & effectiveness, by ensuring that all Bank Group staff are connected, able to find information, and productive to accelerate the delivery of development solutions globally; and resilience, by equipping the Bank Group to provide risk-based cybersecurity and robust data protection for a global network and a growing cloud platform.
Implementation of the strategy is guided by three core principles. The first is to deliver solutions for business partners that are customer-centric, innovative, and transformative. The second is to provide the Bank Group with value for money with selective and standard technologies. The third principle is to excel at the basics by providing a high performing, robust, and resilient IT environment for the organization.
The ITS Information Security and Risk Management (ITSSR) unit, headed by the Chief Information Security Officer (CISO), is responsible for providing leadership in managing the functions and activities of information security and risk across the World Bank Group, enabling the achievement of WBG’s business objectives. ITSSR enables and facilitates a risk aware culture, ensures that WBG information assets are protected in an effective, efficient, and balanced manner; and IT security and risk management efforts throughout the World Bank Group are coordinated and aligned to the Bank's business and IT strategy. ITSSR establishes and maintains the World Bank Group's IT and InfoSec policies and standards; develops and engineers the WBG’s information security plans and solutions; responds to security incidents; and ensures that the information risks are identified, assessed, and managed in consistent with the overall risk management approach and with the established appetite and tolerance.
ITSIS is seeking to fill a vacant Senior IT Assistant, Security, Risk and Compliance position within the ISOC. The successful candidate will be responsible for incident response, research and report writing. The individual should be multi-disciplined and comfortable in operating and maintaining secured solutions for platforms running mission critical business applications in a homogeneous environment, at the enterprise level
Scope of Work:
Security Incident Response:
Provide Information Security Operations Center (ISOC) support on a 24x7x365 basis by shift work with rotation
Review information security alerts from various sources and based on the classification and its impact would prioritize the alerts and assign to the respective teams within Information Security Office.
Conduct thorough investigative actions based on security events and remediate as dictated by standard operating procedures
Participate in all the phases of security incident response process, including detection, containment, eradication, and post-incident reporting.
Record detailed Security Incident Response activities in the Case Management System.
Use Security information and event management (SIEM) capabilities to develop alerts to detect anomalies.
Assist in developing and setting up frameworks for developing Security incident response.
Assist developing and maintaining ISMS procedures (related to ISOC) for complying with global ISMS policy defined by the organization.
Maintain technical proficiency in information security concepts and related technologies through on the job training, performing individual research and attending training courses as necessary.
Undertake knowledge sharing and training activities on various monitoring tools and remediation techniques on periodic basis.
Develop periodic status reports and monthly metrics for reporting purposes.
Support R&D lab using virtual machines and monitor open source security research news, contribute to control testing and strengthening.
Experience in threat hunting in a diverse log and tool environment. The role requires the person to be able to manage threat hunting work program not limited to scoping, tooling and reporting metrics.
Perform detailed analysis of attacks against web infrastructure. This includes identification of malicious code within URLs, collection of malicious plugins and/or exploits' payload. Able to identify exploit and exploit tools involved in attacks. Able to identify packing techniques used to obfuscate URLs. Able to look at return traffic from exploitation activity looking for successful exploitation.
Selection Criteria:
Bachelor's degree in computer science, information technology, systems engineering, or a related field with no experience required or equivalent combination of education and relevant experience.
Understanding of how operating systems work and how malware exploits them.
Understanding of network traffic and be able to analyze network traffic from an Incident Response perspective.
Past exposure to handle malware and financial crime malware related incidents.
Thorough understanding of Windows Internals and memory management.
Knowledge of common hacking tools and techniques
Experience in understanding and analyzing various log formats from various sources.
Experience in analyzing reports generated of SIM/SEM tools
Proficient experience with the following concepts and related toolsets:
