E T Consultant

IT & Telecom

Contract

This is a World Bank Group grade: EC1 contract. More about World Bank Group grade: EC1 contracts.

E T Consultant

Description

Do you want to build a career that is truly worthwhile? Working at the World Bank Group provides a unique opportunity for you to help our clients solve their greatest development challenges. The World Bank Group is one of the largest sources of funding and knowledge for developing countries; a unique global partnership of five institutions dedicated to ending extreme poverty, increasing shared prosperity and promoting sustainable development. With 189 member countries and more than 120 offices worldwide, we work with public and private sector partners, investing in groundbreaking projects and using data, research, and technology to develop solutions to the most urgent global challenges. For more information, visit www.worldbank.org

ITS Vice Presidency Context:

Information and Technology Solutions (ITS) enables the WBG to achieve its mission of ending extreme poverty and promote shared prosperity in a sustainable way by delivering transformative information and technologies to its staff working in over 150 locations.

Our vision is to transform how the Bank Group accomplishes its mission through information and technology. In this fast-paced, ever-changing world, the formulation and implementation of the ITS strategy is an ongoing, iterative process of learning and adaptation developed through extensive consultations with business partners throughout the World Bank Group.

ITS shapes its strategy in response to changing business priorities and leverages new technologies to achieve three high-level business outcomes: business enablement, by providing Bank Group units with innovative digital tools and technologies to transform how they deliver value for their clients; empowerment & effectiveness, by ensuring that all Bank Group staff are connected, able to find information, and productive to accelerate the delivery of development solutions globally; and resilience, by equipping the Bank Group to provide risk-based cybersecurity and robust data protection for a global network and a growing cloud platform.

Implementation of the strategy is guided by three core principles. The first is to deliver solutions for business partners that are customer-centric, innovative, and transformative. The second is to provide the Bank Group with value for money with selective and standard technologies. The third principle is to excel at the basics by providing a high performing, robust, and resilient IT environment for the organization.

The ITS Information Security and Risk Management (ITSSR) unit, headed by the Chief Information Security Officer (CISO), provides leadership in managing the functions and activities of information security and risk management, IT service management and business continuity, sourcing and vendor management, and enterprise architecture across the World Bank Group, enabling the achievement of WBG’s business objectives.

Duties and Accountabilities:

The candidate will be responsible for, but not limited to the following:

•Formulates and implements processes, procedures and systems for tracking and analyzing information assets from creation through retirement.

•Plans, performs and implements process improvement initiatives.

•Gather, collect, generate and report on process metrics and KPIs on a periodic basis.

•Provide overall support to the critical information asset identification process, participate in governance meetings, provide guidance to the information asset custodians and oversee compliance to the procedures and standards.

•Accountable for the accuracy of the information asset registry

•Develop and execute detailed plans for identifying the WBG critical information assets at a periodic basis.

•Assist in liaising with all business units in the WBG to collect, synthesize and analyze information assets produced and consumed by the business units to identify the WBG critical information assets.

•Coordinate with the Security teams to provide effective solutions to information security issues pertaining to critical information assets.

•Develop and implement awareness and learning campaigns for the program to socialize the critical information asset framework.

•Conduct spot audits and checks on Information Asset Register ensuring that departmental units comply with process requirements.

•Develop, maintain, and update Information Asset Management Procedure, Standards and Standard Operating Procedure documents.

•Prepare presentations and update documentation.

Do you want to build a career that is truly worthwhile? Working at the World Bank Group provides a unique opportunity for you to help our clients solve their greatest development challenges. The World Bank Group is one of the largest sources of funding and knowledge for developing countries; a unique global partnership of five institutions dedicated to ending extreme poverty, increasing shared prosperity and promoting sustainable development. With 189 member countries and more than 120 offices worldwide, we work with public and private sector partners, investing in groundbreaking projects and using data, research, and technology to develop solutions to the most urgent global challenges. For more information, visit www.worldbank.org

ITS Vice Presidency Context:

Information and Technology Solutions (ITS) enables the WBG to achieve its mission of ending extreme poverty and promote shared prosperity in a sustainable way by delivering transformative information and technologies to its staff working in over 150 locations.

Our vision is to transform how the Bank Group accomplishes its mission through information and technology. In this fast-paced, ever-changing world, the formulation and implementation of the ITS strategy is an ongoing, iterative process of learning and adaptation developed through extensive consultations with business partners throughout the World Bank Group.

ITS shapes its strategy in response to changing business priorities and leverages new technologies to achieve three high-level business outcomes: business enablement, by providing Bank Group units with innovative digital tools and technologies to transform how they deliver value for their clients; empowerment & effectiveness, by ensuring that all Bank Group staff are connected, able to find information, and productive to accelerate the delivery of development solutions globally; and resilience, by equipping the Bank Group to provide risk-based cybersecurity and robust data protection for a global network and a growing cloud platform.

Implementation of the strategy is guided by three core principles. The first is to deliver solutions for business partners that are customer-centric, innovative, and transformative. The second is to provide the Bank Group with value for money with selective and standard technologies. The third principle is to excel at the basics by providing a high performing, robust, and resilient IT environment for the organization.

The ITS Information Security and Risk Management (ITSSR) unit, headed by the Chief Information Security Officer (CISO), provides leadership in managing the functions and activities of information security and risk management, IT service management and business continuity, sourcing and vendor management, and enterprise architecture across the World Bank Group, enabling the achievement of WBG’s business objectives.

Duties and Accountabilities:

The candidate will be responsible for, but not limited to the following:

•Formulates and implements processes, procedures and systems for tracking and analyzing information assets from creation through retirement.

•Plans, performs and implements process improvement initiatives.

•Gather, collect, generate and report on process metrics and KPIs on a periodic basis.

•Provide overall support to the critical information asset identification process, participate in governance meetings, provide guidance to the information asset custodians and oversee compliance to the procedures and standards.

•Accountable for the accuracy of the information asset registry

•Develop and execute detailed plans for identifying the WBG critical information assets at a periodic basis.

•Assist in liaising with all business units in the WBG to collect, synthesize and analyze information assets produced and consumed by the business units to identify the WBG critical information assets.

•Coordinate with the Security teams to provide effective solutions to information security issues pertaining to critical information assets.

•Develop and implement awareness and learning campaigns for the program to socialize the critical information asset framework.

•Conduct spot audits and checks on Information Asset Register ensuring that departmental units comply with process requirements.

•Develop, maintain, and update Information Asset Management Procedure, Standards and Standard Operating Procedure documents.

•Prepare presentations and update documentation.

Selection Criteria

•Master’s degree or Bachelors’ degree in engineering, information technology, business management or a related field with 2 years relevant experience working in an information security or IT audit field in information management or information technology OR equivalent combination of education and experience.

•Demonstrated knowledge and experience in auditing IT and security controls for information assets.

•Must have solid experience in performing process compliance validation and audit checks.

•Demonstrated experience in workflow analysis, design, and process reengineering and data analytics.

•Demonstrated experience in synthesizing data collected, performing analysis and formulating significant conclusions and designing reports

•Demonstrated experience in identifying critical information assets and maintaining information asset registers.

•Proficiency with Microsoft software products: Word, Excel, Powerpoint, Visio, Project,Outlook.

•Knowledge of data visualization using Tableau and /or PowerBI a plus.

•Understanding of IT business applications, systems, and infrastructure relationships.

•Strong sense of urgency necessary to meet objectives and deadlines; self-starter, must have initiative.

•Thorough understanding of information security risk assessment frameworks including but not limited to those from ISO and NIST.

•Demonstrated knowledge of security controls for network, database, application and operating systems. Strong knowledge and work experience with logical access controls.

•Knowledge of best practices and standards for monitoring and reporting information security performance (e.g. key risk and performance indicators, NIST/ PRISMA Maturity levels)

•Possession of industry certifications highly preferred including, but not limited to Certified Information Systems Auditor (CISA), ISO 27001 Lead Auditor, Certified Information Systems Security Professional (CISSP) and Information Systems Security Management Professional (ISSMP)

•Ability to work independently and within groups, must be self-motivated and able to work independently with minimal supervision.

•Possess excellent written and verbal communication skills, presentation, and problemsolving skills and be able to interact well with peers and internal customers.

•Ability to build and sustain cooperative and collaborative relationships in a multicultural team environment.

•Highest ethical standards.

•Master’s degree or Bachelors’ degree in engineering, information technology, business management or a related field with 2 years relevant experience working in an information security or IT audit field in information management or information technology OR equivalent combination of education and experience.

•Demonstrated knowledge and experience in auditing IT and security controls for information assets.

•Must have solid experience in performing process compliance validation and audit checks.

•Demonstrated experience in workflow analysis, design, and process reengineering and data analytics.

•Demonstrated experience in synthesizing data collected, performing analysis and formulating significant conclusions and designing reports

•Demonstrated experience in identifying critical information assets and maintaining information asset registers.

•Proficiency with Microsoft software products: Word, Excel, Powerpoint, Visio, Project,Outlook.

•Knowledge of data visualization using Tableau and /or PowerBI a plus.

•Understanding of IT business applications, systems, and infrastructure relationships.

•Strong sense of urgency necessary to meet objectives and deadlines; self-starter, must have initiative.

•Thorough understanding of information security risk assessment frameworks including but not limited to those from ISO and NIST.

•Demonstrated knowledge of security controls for network, database, application and operating systems. Strong knowledge and work experience with logical access controls.

•Knowledge of best practices and standards for monitoring and reporting information security performance (e.g. key risk and performance indicators, NIST/ PRISMA Maturity levels)

•Possession of industry certifications highly preferred including, but not limited to Certified Information Systems Auditor (CISA), ISO 27001 Lead Auditor, Certified Information Systems Security Professional (CISSP) and Information Systems Security Management Professional (ISSMP)

•Ability to work independently and within groups, must be self-motivated and able to work independently with minimal supervision.

•Possess excellent written and verbal communication skills, presentation, and problemsolving skills and be able to interact well with peers and internal customers.

•Ability to build and sustain cooperative and collaborative relationships in a multicultural team environment.

•Highest ethical standards.

World Bank Group Core Competencies

We are proud to be an equal opportunity and inclusive employer with a dedicated and committed workforce, and do not discriminate based on gender, gender identity, religion, race, ethnicity, sexual orientation, or disability.

Learn more about working at the World Bank and IFC, including our values and inspiring stories.

Note: The selected candidate will be offered a one-year appointment, renewable for an additional one year, at the discretion of the World Bank Group, and subject to a lifetime maximum ET Appointment of two years. If an ET appointment ends before a full year, it is considered as a full year toward the lifetime maximum. Former and current ET staff who have completed all or any portion of their second-year ET appointment are not eligible for future ET appointments.

Apply now

Added 1 year ago - Updated 1 year ago - Source: worldbank.org