This job ad has been posted over 30 days ago...



IT Analyst, Security, Risk and Compliance - SIEM (150584) Full-time

at The World Bank Group in Chennai (Published at 07-04-2015)

Information and Technology Solutions (ITS) enables the WBG to achieve its mission of ending extreme poverty by 2030 and boosting shared prosperity in a sustainable manner by delivering transformative information and technologies to its staff working in over 130 client countries. ITS services range from: establishing the infrastructure to reach and connect staff and development stakeholders; providing the devices and agile technology and information applications to facilitate the science of delivery through decentralized services; creating and maintaining tools to integrate information across the World Bank Group, the clients we serve and the countries where we operate; and delivering the computing power staff need to analyze development challenges and identify solutions. The ITS business model combines dedicated business solutions centers that provide services tailored to specific World Bank Group business needs and shared services that provide infrastructure, applications and platforms for the entire Group. ITS is one of three VPUs that have been brought together as the World Bank Group Integrated Services (WBGIS), to provide enhanced corporate core services and enable the institution to operate as one strategic and coordinated entity.

The Information Security Operations team is responsible for managing the operations of information security technology platforms and providing services to WBG business units with the overall objectives of: (1) managing and optimizing information security risk, (2) protecting WBG information assets, and (3) minimizing the potential business risk and impact to the WBG by providing timely incident response and proactive defense to cyber security threats. Key functions and services include: 24/7 information security event management, security engineering, threat and vulnerability management, intrusion detection, threat intelligence, security architecture, certification and accreditation, and incident response.

The ITS Information Security and Risk Management (ITSSR) unit, headed by the Chief Information Security Officer (CISO), is responsible for providing leadership in managing the information security and risk functions and activities across the World Bank Group, enabling the achievement of WBG's business objectives. ITSSR supports and facilitates a risk aware culture, ensuring that WBG information assets are protected in an effective, efficient, and balanced manner and IT security and risk management efforts throughout the World Bank Group are coordinated and aligned to the Bank's business and IT strategy. ITSSR comprises of the following functions: Security Operations, Risk Management and Advisory, IT Policy, IT Compliance, PMO, Business Continuity, and Sourcing and Vendor Management.

The incumbent will report to a senior information security officer leading the Event Information Management (EIM) team.

Note: If the selected candidate is a current Bank Group staff member with a regular or Open-Ended appointment, s/he will retain his/her Regular or Open-Ended appointment. All others will be offered a 3 year term appointment.

Duties and Accountabilities:
The Office of Information Security is seeking a suitably qualified candidate to fill a position within the Event Information Management (EIM) team located in Chennai India. This team is responsible for maintaining and supporting the Event Information Management system across the entire WBG (World Bank Group). The WBG selected ArcSight and Splunk as the software platforms for this function.
Performs analysis, testing and/or reviews of information on business processes from a risk management/security/compliance perspective. Prepares standard reports, highlighting any gaps or concerns, and escalates to management as appropriate.
Proposes improvements and assists in the implementation of standards, procedures and guidelines.
Supports audits, maintaining and routing necessary documentation.
Diagnoses risk, security and compliance incidents and issues that may involve extensive analysis, and recommends resolutions to management.
Researches opportunities to improve processes and standards, and identifies best practices from the industry to promote across the organization.
Assists with the development of project proposals, ensuring that project plans are in compliance with applicable regulations and policies.
Provides technical guidance and mentorship to team members, as appropriate.
Supports the development and execution of security/compliance/risk awareness programs across the WBG.
Support, maintain and enhance existing EIM production operations
Ensure operationally readiness of backup systems
Design and QA infrastructure enhancements
Investigate technical issues related to SEIM infrastructure operations
Review and interpret events generated by various components including firewalls, switches, application software, databases and operating systems.
Review configurations for potential security weaknesses.
Integrate event actions into other WBG systems
Develop automated scripts
Liaise with vendors
Provide support to the WBG EIM Clients
Design and develop innovative methods of automatic event processing to satisfy compliance and operational requirements.
Provide expert technical support

Selection Criteria:
Minimum Education/Experience:
Master's degree with 2 years relevant experience or Bachelors Degree with a minimum of 4 years relevant experience.
Proven experience in scripting.
Detailed working knowledge of Linux operating system.
Experience in the operation of a large ArcSight Event Management System
Experience in the operation of a large Splunk Infrastructure
Detailed knowledge of Splunk search language
Knowledge in the development of ArcSight Content is desirable
Detailed knowledge of firewalling and networking devices
Ability to work independently with minimum supervision
Ability to openly share/discuss ideas and suggestions with team members
Ability to explore and investigate new products and solutions
High level of attention to detail and accuracy
High ethical standard

Preferred Education/Experience:

Computer Science or Engineering degree preferred
Required Competencies
Client Understanding and Advising - Looks at issues from the client’s perspective and takes action beyond normal expectations to ensure client satisfaction.
Learning Orientation - Stays abreast of new trends and developments in own specialty area, the broader industry, and exposes self to increasingly more challenging projects and opportunities to learn.
Broad Business Thinking - Maintains an in-depth understanding of the long term implications of decisions both for department and the client’s business. Ensures that decisions are supported by relevant stakeholders as well as sound performance data.
Compliance with Standards - Monitors and maintains records on requests for information and assistance.
Information Systems / Technologies / Product / Services Knowledge - Resolves escalated problems of technical support.
Knowledge of Emerging Technology - Tests new technology to evaluate capability compared to specifications.
Negotiation - Investigates areas of disagreement.
Risk Management - Reduces risk by solving day-to-day problems as they arise and takes action to prevent problems from recurring.
Lead and Innovate - Brings new and different insights.
Deliver Results for Clients - Contributes to delivery of results for clients on complex issues.
Collaborate Within Teams and Across Boundaries - Collaborates within team and across boundaries.
Create, Apply and Share Knowledge - Actively contributes to and readily applies WBG’s body of knowledge for internal and/or external client solutions.
Make Smart Decisions - Leverages available data and makes timely decisions.

The World Bank Group is committed to achieving diversity in terms of gender, nationality, culture and educational background. Individuals with disabilities are equally encouraged to apply. All applications will be treated in the strictest confidence.

Note: Applications have been closed.

Recent jobs at The World Bank Group

Viewed: 2690 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend