Junior Professional Associate – ITS, Infosec Engineering & Operations  

Description

Do you want to build a career that is truly worthwhile? Working at the World Bank Group provides a unique opportunity for you to help our clients solve their greatest development challenges. The World Bank Group is one of the largest sources of funding and knowledge for developing countries; a unique global partnership of five institutions dedicated to ending extreme poverty, increasing shared prosperity and promoting sustainable development. With 189 member countries and more than 120 offices worldwide, we work with public and private sector partners, investing in groundbreaking projects and using data, research, and technology to develop solutions to the most urgent global challenges. For more information, please visit www.worldbank.org 

Junior Professional Associates – Program Description

The Junior Professionals Associate Program (JPA) offers an exceptional opportunity for recent graduates to embark on a professional journey, providing a three-year contract with valuable work experience within a diverse and dynamic environment and the potential of field work experience. The program is an excellent platform to sharpen your existing skills and to develop new ones, all while gaining a profound understanding of the challenges associated with reducing poverty and fostering shared prosperity on a livable planet. 

We will provide you with the opportunity to gain entry-level professional experience in a premier development institution, on an Extended Term Consultant (ETC) contract with benefits. For more information, please visit www.worldbank.org/careers/jpa 

The following are minimum requirements to be eligible for the JPA program: 

• Be 32 years of age or younger 

• Hold a bachelor’s degree 

• Be fluent in English 

The JPA program at the World Bank is a highly competitive initiative. Candidates who are being actively considered for positions may be required to present academic transcripts and professional references. The World Bank’s Human Resources team and hiring team will reach out exclusively to individuals selected for assessment and interviews.

ITS Vice Presidency Context:

The Information and Technology Solutions (ITS) Vice Presidential Unit (VPU) enables the World Bank Group to achieve its mission of ending extreme poverty and boost shared prosperity on a livable planet by delivering transformative information and technologies to its staff working in over 150+ locations. For more information on ITS, see this video: https://www.youtube.com/watch?reload=9&v=VTFGffa1Y7w

Unit (ITS – Infosec Engineering & Operations)

The ITS Information Security and Risk Management (ITSSR) unit, headed by the Chief Information Security Officer (CISO), is responsible for providing leadership in managing the functions and activities of information security and risk across the World Bank Group, enabling the achievement of WBG’s business objectives. ITSSR enables and facilitates a risk aware culture, ensures that WBG information assets are protected in an effective, efficient, and balanced manner; and IT security and risk management efforts throughout the World Bank Group are coordinated and aligned to the Bank’s business and IT strategy. ITSSR establishes and maintains the World Bank Group’s IT and InfoSec policies and standards; develops and engineers the WBG’s information security plans and solutions; responds to security incidents; and ensures that the information risks are identified, assessed, and managed in consistent with the overall risk management approach and with the established appetite and tolerance. 

Security Incident Response

ITSIS is looking for candidate with strong knowledge of networks and operating system, passionate about Cyber security. The successful candidate will participate in incident response, data analytics activities. 

• Participate in the work of Information Security Operations Center (ISOC) support on a 24x7x365 basis by shift work with rotation 

• Review information security alerts from various sources and based on the classification and its impact would prioritize the alerts and assign to the respective teams within Information Security Office. 

• Work with senior analysts on investigative actions based on security events and remediate as dictated by standard operating procedures. 

• Participate in all the phases of security incident response process, including detection, containment, eradication, and post-incident reporting. 

• Use Security information and event management (SIEM) capabilities to develop alerts to detect anomalies. 

• Maintain technical proficiency in information security concepts and related technologies through on the job training, performing individual research and attending training courses as necessary. 

• Support R&D lab using virtual machines and monitor open source security research news, contribute to control testing and strengthening. 

• Participate in detailed analysis of attacks against web infrastructure. This includes identification of malicious code within URLs, collection of malicious plugins and/or exploits’ payload. Able to identify exploit and exploit tools involved in attacks. Able to identify packing techniques used to obfuscate URLs. Able to look at return traffic from exploitation activity looking for successful exploitation. 

• Participate in design and delivery of data driven dashboards 

Selection Criteria

• Bachelor’s degree in computer science, information technology, systems engineering, or a related field. 

• Understanding of how operating systems work and how malware exploits them. 

• Understanding of network traffic and be able to analyze network traffic from an Incident Response perspective. 

• Knowledge of common hacking tools and techniques. 

• Familiar with Cloud security and various security tools like AWS Guard Duty etc. 

• Project tracking and reporting skills 

• Experience in understanding and analyzing various log formats from various sources. 

• Experience in analyzing reports generated of SIM/SEM tools, from incident perspective 

• Good communication skills (Verbal and Written) 

• Proficient experience with the following concepts and related toolsets: 

o Network sniffers 

o Process analysis tools 

o Registry analysis tools 

Preferred Skillsets

• CEH, Security++ 

• Understanding of Incident Response, remediation, Malware analysis, Scripting Languages e.g. Python 

Competencies

• Client Understanding and Advising – Looks at issues from the client’s perspective and takes action beyond normal expectations to ensure client satisfaction. 

• Learning Orientation – Stays abreast of new trends and developments in own specialty area, the broader industry, and exposes self to increasingly more challenging projects and opportunities to learn. 

• Compliance with Standards – Monitors and maintains records on requests for information and assistance. 

• Knowledge of Emerging Technology – Tests new technology to evaluate capability compared to specifications. 

Diversity and Inclusion

The World Bank continually searches for qualified individuals with a diverse set of backgrounds from around the globe. We are proud to be an equal opportunity and inclusive employer with a dedicated and committed workforce, and do not discriminate based on gender, gender identity, religion, race, color, ethnicity, sexual orientation, or disability. Individuals with different abilities may be provided reasonable accommodations to perform essential functions and support in receiving other workplace accommodations.

Poverty has no borders, neither does excellence. We succeed because of our differences and we continuously search for qualified individuals with diverse backgrounds from around the globe.

This is how cinfo can support you in the application process for this specific position: 

• Application preparation: Before you apply for this position: Improve your application documents by registering for a Job Application Support. Our coaches are here to help tailor your application to the requirements of the job (service provided at your own cost). 

• Interview preparation: When invited to the interview: Prepare for the interview by registering for a Job Application Support. 

• Additional services for  Swiss nationals who get invited to  the selection process (written test, interview, assessment centre, etc.): 

  • Let us know by writing to [email protected]. We flag matching applications to HR partners and SDC/SECO for visibility. 

  • Benefit from free interview/assessment preparation by registering here: Interview and Assessment Centre Preparation for Jobs in Multilateral Organisations. Our coaches stand ready to help prepare for upcoming interview/assessment centre.​