IT Analyst, Security, Risk and Compliance – GE

World Bank Group

Company presentation

With 189 member countries, staff from more than 170 countries, and offices in over 130 locations, the World Bank Group is a unique global partnership: five institutions working for sustainable solutions that reduce poverty and build shared prosperity in developing countries.

The World Bank Group is one of the world’s largest sources of funding and knowledge for developing countries. Its five institutions share a commitment to reducing poverty, increasing shared prosperity, and promoting sustainable development.

 

 

Job description


Do you want to build a career that is truly worthwhile? Working at the World Bank Group provides a unique opportunity for you to help our clients solve their greatest development challenges. The World Bank Group is one of the largest sources of funding and knowledge for developing countries; a unique global partnership of five institutions dedicated to ending extreme poverty, increasing shared prosperity and promoting sustainable development. With 189 member countries and more than 120 offices worldwide, we work with public and private sector partners, investing in groundbreaking projects and using data, research, and technology to develop solutions to the most urgent global challenges. For more information, visit www.worldbank.org

 

ITS Vice Presidency Context:

Information and Technology Solutions (ITS) enables the WBG to achieve its mission of ending extreme poverty and promoting shared prosperity in a sustainable way by delivering transformative information and technologies to its staff working in over 150 locations.

Our vision is to transform how the Bank Group accomplishes its mission through information and technology. In this fast-paced, ever-changing world, the formulation and implementation of the ITS strategy is an ongoing, iterative process of learning and adaptation developed through extensive consultations with business partners throughout the World Bank Group.

ITS shapes its strategy in response to changing business priorities and leverages new technologies to achieve three high-level business outcomes: business enablement, by providing Bank Group units with innovative digital tools and technologies to transform how they deliver value for their clients; empowerment & effectiveness, by ensuring that all Bank Group staff are connected, able to find information, and productive to accelerate the delivery of development solutions globally; and resilience, by equipping the Bank Group to provide risk-based cybersecurity and robust data protection for a global network and a growing cloud platform.

Implementation of the strategy is guided by three core principles. The first is to deliver solutions for business partners that are customer-centric, innovative, and transformative. The second is to provide the Bank Group with value for money with selective and standard technologies. The third principle is to excel at the basics by providing a high performing, robust, and resilient IT environment for the organization.

The ITS Information Security and Risk Management (ITSSR) unit, headed by the Chief Information Security Officer (CISO), is responsible for providing leadership in managing the functions and activities of information security and risk across the World Bank Group, enabling the achievement of WBG’s business objectives.

 

Duties and Accountabilities:

The candidate will be responsible for, but not limited to, the following:

• Support the Internal Controls over Financial Reporting (ICFR) program for IT General Controls. Collaborate with external auditors on audit planning, testing and evaluation procedures, and ensure compliance with the requirements.

• Evaluate the design and operating effectiveness of Information Technology General Controls and system-dependent automated controls.

• Conduct IT audits of operating systems, databases, platforms, cloud implementations and emerging technologies based on industry standards.

• Conduct audits of IT processes and functions based on COBIT, ISO 27001 & ISO 20000 frameworks.

• Assess compliance against technical standards for various platforms and technologies.

• Design and execute third party compliance assessments and prioritize control remediation as appropriate.

• Review third party attestation reports, including Service Organization Control (SOC) 1 and SOC 2, including documenting, validating, testing, and assessing various control systems.

• Identify process enhancement opportunities with control owners to develop risk-based action plans while understanding their operational constraints/challenges.

• Perform other duties in the compliance work program, as assigned.

 

Selection Criteria

• Bachelor’s or Master’s degree with 2 years relevant experience OR equivalent combination of education and experience.

• Minimum 2 years’ experience working in an information security, information technology or IT audit related field.

• Experience in conducting assessments, designing processes, and implementing SOX controls for the IT General Controls related to Information Security, Change Management and IT Operations.

• Experience in conducting design and operating effectiveness testing for IT General Controls.

• Experience conducting Service Organization Control (SOC) 1 and SOC 2 report reviews.

• Demonstrated knowledge and experience in auditing IT and security controls for network, operating systems, databases, platforms and applications.

• Thorough understanding of best-practice and industry-standard technical security standards, including but not limited to NIST and CIS.

• Good knowledge of, and demonstrated work experience with, the ISO 27001 control framework and ISMS implementation.

• Familiarity with industry standards, laws and regulations, including but not limited to ISO 27001, SOX, ISO 20000, COBIT.

• Systems Thinking – Researches the critical and underlying relationships between primary business, technology and systems platforms.

• Client Orientation – Takes personal responsibility and accountability for timely response to client queries, requests or needs, working to remove obstacles that may impede execution or overall success.

• Drive for Results – Takes personal ownership and accountability to meet deadlines and achieve agreed-upon results and has the personal organization to do so.

• Teamwork (Collaboration) and Inclusion – Collaborates with other team members and contributes productively to the team’s work and output, demonstrating respect for different points of view.

• Ability to work independently and within groups; must be self-motivated and able to work independently with minimal supervision.

• Excellent written and verbal communication skills and presentation skills.

• Highest ethical standards.

 

World Bank Group Core Competencies

The World Bank Group offers comprehensive benefits, including a retirement plan; medical, life and disability insurance; and paid leave, including parental leave, as well as reasonable accommodations for individuals with disabilities.

We are proud to be an equal opportunity and inclusive employer with a dedicated and committed workforce, and do not discriminate based on gender, gender identity, religion, race, ethnicity, sexual orientation, or disability.

Learn more about working at the World Bank and IFC, including our values and inspiring stories.

 

 

 

More details

Working hours (%): 80-100%

Type of contract: Staff (Permanent and Fixed Term)

Duration: 4 years

Macro-area: Eastern Europe and Central Asia

Level of experience: Senior Professional, more than 5 years

Area of work: Information and Communication Technology

Type of organisation: Multilateral Organisations
