Junior Professional Associate

tendersglobal.net

The JPA program at the World Bank is a highly competitive initiative. Candidates who are being actively considered for positions may be required to present academic transcripts and professional references. The World Bank’s Human Resources team and hiring team will reach out exclusively to individuals selected for assessment and interviews.

The Information and Technology Solutions (ITS) Vice Presidential Unit (VPU) enables the World Bank Group to achieve its mission of ending extreme poverty and boost shared prosperity on a livable planet by delivering transformative information and technologies to its staff working in over 150+ locations. For more information on ITS, see this video: https://www.youtube.com/watch?reload=9&v=VTFGffa1Y7w

The ITS Information Security and Risk Management (ITSSR) unit, headed by the Chief Information Security Officer (CISO), is responsible for providing leadership in managing the information security and risk functions and activities across the World Bank Group, enabling the achievement of WBG’s business objectives. ITSSR supports and facilitates a risk aware culture, ensuring that WBG information assets are protected in an effective, efficient, and balanced manner and IT security and risk management efforts throughout the World Bank Group are coordinated and aligned to the Bank’s business and IT strategy. ITSSR comprises of the following functions: Security Operations, Risk Management and Advisory, IT Policy, IT Compliance, PMO, Business Continuity, and Sourcing and Vendor Management.

The ITS Risk Management (ITSRM) unit within ITSSR has been tasked with providing technical and architectural information security solutions for the World Bank Group and needs an Information Security professional who is results oriented, multi-disciplined and experienced in evaluating and where possible automating, the testing of information security controls.

Duties and Responsibilities:

  • Review the security architecture evaluation of WBG new systems and create security test plans, review the configurations based on controls and recommendations for web, enterprise, cloud-based, mobile applications.
  • Perform security analysis of the different layers of the systems (application, APIs, operating systems, and database layers) by performing source code review, manual security testing and automated vulnerability assessment scans using various vulnerability scanners.
  • Perform application security testing on both native and web based mobile applications on different mobile platforms.
  • Review testing result reports and work with the application development community to remediate issues following a risk-based approach.
  • Maintain detailed documentation of test procedures, findings, and recommendations in ITSRM case management system.
  • Stay abreast of newer trends, technologies such as AI and the tools, techniques used for application security testing.

Selection Criteria:

  • Bachelor’s degree in computer science, information technology, systems engineering, or a related field.
  • Understanding of software lifecycle, product life cycle, data lifecycle, SDLC.
  • Understanding of MITRE ATT&CK framework, OWASP top 10 for applications, APIs, AIs, and Mobile applications.
  • Understanding of Role Based Access Controls, Authentication, Authorization frameworks.
  • Knowledge of common testing tools such as Kali Linux, Burp suite, OWSAP Zap, etc.,
  • Understanding of Threat, Vulnerability, Risk and Impact.
  • Familiar with Cloud technologies (AWS/Azure/GCP, M365, etc.,)
  • Familiar with programming/scripting languages like Java, Python
  • Understanding of AI models.
  • Project tracking and reporting skills.
  • Understanding and analyzing various security configurations of the n-tier architecture.
  • Good communication skills (Verbal and Written)

Source: https://worldbankgroup.csod.com/ats/careersite/JobDetails.aspx?id=28491&site=1

To help us track our recruitment effort, please specify on the application form/indicate in your cover letter where (tendersglobal.net) you saw this job posting.

Share

Recent Posts

Risk Manager – Infrastructure

Job title: Risk Manager - Infrastructure Company Turner & Townsend Job description , aviation, water/utilities,…

8 minutes ago

IT Security Analyst (m/w/d)

Job title: IT Security Analyst (m/w/d) Company Franklin Fitch Job description deutschlandweit sucht einen IT…

33 minutes ago

IOM : Chargé.e de projet – Lyon

tendersglobal.net JOB DESCRIPTION Titre du poste Chargé.e de projet Lieu d’affectation Lyon – région Auvergne-Rhône-Alpes…

34 minutes ago

National Communication Specialist

tendersglobal.net Job Description Organizational SettingThe Food and Agriculture Organization of the United Nations (FAO) contributes…

34 minutes ago

Project Assistant – financial literacy, business coaching and mentoring (Open to Somali Nationals only)

tendersglobal.net Action Against Hunger leads the global movement to end hunger. We innovate solutions, advocate…

34 minutes ago

Digital Trade National Programme Coordinator

tendersglobal.net Result of Service DELIVERABLES 1. MoUs Development and Finalization between key stakeholders, including ITC-MINICOM,…

34 minutes ago
For Apply Button. Please use Non-Amp Version

This website uses cookies.